sham-store.shop Open in urlscan Pro
2a02:4780:b:852:0:ced:64b8:10 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://sham-store.shop/nc-lawmakers-seek-to-strip-gov-cooper-of-power-to-appoint-members-to-dem-majority-election-board/
Submission: On June 15 via manual (June 15th 2023, 5:09:03 pm UTC) from US — Scanned from DE

Summary HTTP 247 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 45 IPs in 10 countries across 39 domains to perform 247 HTTP transactions. The main IP is 2a02:4780:b:852:0:ced:64b8:10, located in Phoenix, United States and belongs to AS-HOSTINGER, CY. The main domain is sham-store.shop.
TLS certificate: Issued by R3 on June 3rd 2023. Valid for: 3 months.

This is the only time sham-store.shop was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
55	2a02:4780:b:8... 2a02:4780:b:852:0:ced:64b8:10	47583 (AS-HOSTINGER) (AS-HOSTINGER)
1	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:802::2008	15169 (GOOGLE) (GOOGLE)
14	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1 3	2600:9000:225... 2600:9000:225e:fe00:6:9280:1080:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
14	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
1	2a04:fa87:fff... 2a04:fa87:fffe::c000:4902	2635 (AUTOMATTIC) (AUTOMATTIC)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
1	2a05:d018:cc3... 2a05:d018:cc3:fe04:9d37:69dd:1802:43b7	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
2	2a02:2638:3::9 2a02:2638:3::9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	2a02:2638:3::12 2a02:2638:3::12	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
15	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
28	2a02:2638:d::2 2a02:2638:d::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	178.250.1.6 178.250.1.6	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
18	2a02:2638:d::13 2a02:2638:d::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
8	2a02:2638:3::1a 2a02:2638:3::1a	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
2	2a02:2638:d::c 2a02:2638:d::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 2	2620:116:800d... 2620:116:800d:21:e365:4988:e8a7:3270	16509 (AMAZON-02) (AMAZON-02)
1	2a02:fa8:8806... 2a02:fa8:8806:13::1400	41041 (VCLK-EU-SE) (VCLK-EU-SE)
2	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
1	34.96.105.8 34.96.105.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 2	35.190.0.66 35.190.0.66	15169 (GOOGLE) (GOOGLE)
3 22	142.250.74.194 142.250.74.194	15169 (GOOGLE) (GOOGLE)
2	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3 6	2.16.97.41 2.16.97.41	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2600:1901:0:7... 2600:1901:0:76b9::	15169 (GOOGLE) (GOOGLE)
14	2606:4700:20:... 2606:4700:20::681a:ad1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.250.57.204 34.250.57.204	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:225... 2600:9000:2251:a200:3:4706:a6c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:249... 2600:9000:2491:a600:1b:f040:3600:93a1	16509 (AMAZON-02) (AMAZON-02)
1	154.58.197.185 154.58.197.185	174 (COGENT-174) (COGENT-174)
2 2	185.29.132.245 185.29.132.245	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1 2	2606:4700::68... 2606:4700::6812:18ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8 8	37.157.5.84 37.157.5.84	198622 (ADFORM) (ADFORM)
1	98.98.134.242 98.98.134.242	21859 (ZEN-ECN) (ZEN-ECN)
1 1	2a05:d018:d29... 2a05:d018:d29:3601:af59:edb8:6ff5:5fcc	16509 (AMAZON-02) (AMAZON-02)
2 2	213.155.156.182 213.155.156.182	1299 (TWELVE99 ...) (TWELVE99 Arelion)
1	2606:4700:20:... 2606:4700:20::681a:61b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	151.101.66.49 151.101.66.49	54113 (FASTLY) (FASTLY)
1 1	35.204.158.49 35.204.158.49	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2a05:d01c:1d8... 2a05:d01c:1d8:8102:93c2:afdd:6b38:a325	16509 (AMAZON-02) (AMAZON-02)
1 1	51.89.9.254 51.89.9.254	16276 (OVH) (OVH)
1	23.56.205.163 23.56.205.163	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	172.217.16.198 172.217.16.198	15169 (GOOGLE) (GOOGLE)
2 2	84.200.5.215 84.200.5.215	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
1	167.233.13.224 167.233.13.224	24940 (HETZNER-AS) (HETZNER-AS)
1	145.239.193.130 145.239.193.130	16276 (OVH) (OVH)
247	45

55 2a02:4780:b:852:0:ced:64b8:10 (Phoenix, United States)

ASN47583 (AS-HOSTINGER, CY)

sham-store.shop	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:802::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:225e:fe00:6:9280:1080:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:fa87:fffe::c000:4902 (Ireland)

ASN2635 (AUTOMATTIC, US)

secure.gravatar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:cc3:fe04:9d37:69dd:1802:43b7 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.nl3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:2638:3::12 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 2a02:2638:d::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 178.250.1.6 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.nl3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a02:2638:d::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

imageproxy.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a02:2638:3::1a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:d::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.fr3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:e365:4988:e8a7:3270 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:13::1400 (Singapore)

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 15.197.193.217 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com

tr.blismedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.0.66 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com

ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 142.250.74.194 (Staten Island, United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2.16.97.41 (Frankfurt am Main, Germany) 3 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-16-97-41.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:76b9:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

prod-rtb.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2606:4700:20::681a:ad1 (United States)

ASN13335 (CLOUDFLARENET, US)

as.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.250.57.204 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-250-57-204.eu-west-1.compute.amazonaws.com

i.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2251:a200:3:4706:a6c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cti.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2491:a600:1b:f040:3600:93a1 (United States)

ASN16509 (AMAZON-02, US)

ads.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 154.58.197.185 (Indonesia)

ASN174 (COGENT-174, US)
PTR: staticip-hv4m185.hispavista.com

t.hspvst.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.29.132.245 (United Kingdom) 2 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:18ad (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 37.157.5.84 (Denmark) 8 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 98.98.134.242 (United States)

ASN21859 (ZEN-ECN, US)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3601:af59:edb8:6ff5:5fcc (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.182 (Sweden) 2 redirects

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:61b (United States)

ASN13335 (CLOUDFLARENET, US)

static-de.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.66.49 (United States) 1 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.204.158.49 (Groningen, Netherlands) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.158.204.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d01c:1d8:8102:93c2:afdd:6b38:a325 (London, United Kingdom)

ASN16509 (AMAZON-02, US)

ag.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.89.9.254 (London, United Kingdom) 1 redirects

ASN16276 (OVH, FR)
PTR: ip254.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.56.205.163 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-56-205-163.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.16.198 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f198.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 84.200.5.215 (Germany) 2 redirects

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)

www.telefonica-partner.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.lead-alliance.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 167.233.13.224 (Hallbergmoos, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.224.13.233.167.clients.your-server.de

partner.o2online.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 145.239.193.130 (France)

ASN16276 (OVH, FR)

pv.medialead.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
55	sham-store.shop sham-store.shop	699 KB
54	criteo.net static.criteo.net — Cisco Umbrella Rank: 583 imageproxy.eu.criteo.net — Cisco Umbrella Rank: 9160 csm.eu.criteo.net — Cisco Umbrella Rank: 8989	2 MB
38	doubleclick.net 5 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 57 cm.g.doubleclick.net — Cisco Umbrella Rank: 244 ad.doubleclick.net — Cisco Umbrella Rank: 184	100 KB
29	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 133 tpc.googlesyndication.com — Cisco Umbrella Rank: 155	311 KB
14	ad4m.at as.ad4m.at — Cisco Umbrella Rank: 29450 ad4m.at — Cisco Umbrella Rank: 9747 assets.ad4m.at — Cisco Umbrella Rank: 39050	554 KB
14	criteo.com rtb.nl3.eu.criteo.com — Cisco Umbrella Rank: 20441 ads.eu.criteo.com — Cisco Umbrella Rank: 8915 cat.nl3.eu.criteo.com — Cisco Umbrella Rank: 9898 rtb.fr3.eu.criteo.com — Cisco Umbrella Rank: 25981 dis.criteo.com — Cisco Umbrella Rank: 601	169 KB
8	adform.net 8 redirects c1.adform.net — Cisco Umbrella Rank: 635	6 KB
7	google.com adservice.google.com — Cisco Umbrella Rank: 107 www.google.com — Cisco Umbrella Rank: 3	1 KB
6	teads.tv 3 redirects sync.teads.tv — Cisco Umbrella Rank: 1404	1 KB
6	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 207	335 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 60 region1.google-analytics.com — Cisco Umbrella Rank: 1832	21 KB
4	adroll.com 1 redirects s.adroll.com — Cisco Umbrella Rank: 2705 d.adroll.com — Cisco Umbrella Rank: 1432	25 KB
3	w55c.net i.w55c.net — Cisco Umbrella Rank: 2530 cti.w55c.net — Cisco Umbrella Rank: 4138 ads.w55c.net — Cisco Umbrella Rank: 10479	67 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 82	216 KB
2	de17a.com 2 redirects d5p.de17a.com — Cisco Umbrella Rank: 4988	653 B
2	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 920 s.tribalfusion.com — Cisco Umbrella Rank: 2022	1 KB
2	mathtag.com 2 redirects sync.mathtag.com — Cisco Umbrella Rank: 566	1 KB
2	ad4mat.net prod-rtb.ad4mat.net — Cisco Umbrella Rank: 130926 static-de.ad4mat.net — Cisco Umbrella Rank: 177631	4 KB
2	travelaudience.com 2 redirects ads.travelaudience.com — Cisco Umbrella Rank: 6896	883 B
2	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 375	531 B
2	quantserve.com 1 redirects cms.quantserve.com — Cisco Umbrella Rank: 846	799 B
2	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 422 fonts.googleapis.com — Cisco Umbrella Rank: 80	7 KB
1	medialead.de pv.medialead.de — Cisco Umbrella Rank: 53229	365 B
1	o2online.de partner.o2online.de — Cisco Umbrella Rank: 76803	1 KB
1	lead-alliance.net 1 redirects www.lead-alliance.net — Cisco Umbrella Rank: 69816	439 B
1	telefonica-partner.de 1 redirects www.telefonica-partner.de — Cisco Umbrella Rank: 69350	263 B
1	awin1.com www.awin1.com — Cisco Umbrella Rank: 16217	704 B
1	onetag-sys.com 1 redirects onetag-sys.com — Cisco Umbrella Rank: 874	339 B
1	innovid.com ag.innovid.com — Cisco Umbrella Rank: 1675	298 B
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 976	715 B
1	everesttech.net 1 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 778	547 B
1	yahoo.com 1 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 468	716 B
1	sitescout.com pixel-sync.sitescout.com — Cisco Umbrella Rank: 756	187 B
1	hspvst.com t.hspvst.com — Cisco Umbrella Rank: 177167	920 B
1	blismedia.com tr.blismedia.com — Cisco Umbrella Rank: 2376	174 B
1	dotomi.com dclk-match.dotomi.com — Cisco Umbrella Rank: 3231	105 B
1	gstatic.com fonts.gstatic.com	31 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1107	384 B
1	gravatar.com secure.gravatar.com — Cisco Umbrella Rank: 1988	39 KB
247	39

	Domain	Requested by
55	sham-store.shop	sham-store.shop
28	static.criteo.net	ads.eu.criteo.com
22	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net sham-store.shop
18	imageproxy.eu.criteo.net	ads.eu.criteo.com
15	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
14	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net sham-store.shop
14	pagead2.googlesyndication.com	sham-store.shop pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
8	c1.adform.net	8 redirects
8	csm.eu.criteo.net	ads.eu.criteo.com
6	assets.ad4m.at	as.ad4m.at
6	sync.teads.tv	3 redirects sham-store.shop googleads.g.doubleclick.net
6	www.googletagservices.com	googleads.g.doubleclick.net
4	ad4m.at	as.ad4m.at ad4m.at
4	as.ad4m.at	googleads.g.doubleclick.net as.ad4m.at ad4m.at
4	www.google.com	googleads.g.doubleclick.net tpc.googlesyndication.com
4	cat.nl3.eu.criteo.com	ads.eu.criteo.com
4	ads.eu.criteo.com	googleads.g.doubleclick.net
3	adservice.google.com	pagead2.googlesyndication.com
3	s.adroll.com	1 redirects sham-store.shop
3	www.googletagmanager.com	sham-store.shop www.googletagmanager.com
2	ad.doubleclick.net	2 redirects
2	d5p.de17a.com	2 redirects
2	sync.mathtag.com	2 redirects
2	dis.criteo.com	googleads.g.doubleclick.net
2	ads.travelaudience.com	2 redirects
2	match.adsrvr.org	googleads.g.doubleclick.net
2	cms.quantserve.com	1 redirects googleads.g.doubleclick.net
2	rtb.fr3.eu.criteo.com	googleads.g.doubleclick.net
2	rtb.nl3.eu.criteo.com	googleads.g.doubleclick.net sham-store.shop
2	region1.google-analytics.com	www.googletagmanager.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
1	pv.medialead.de	as.ad4m.at
1	partner.o2online.de	as.ad4m.at
1	www.lead-alliance.net	1 redirects
1	www.telefonica-partner.de	1 redirects
1	www.awin1.com	as.ad4m.at
1	onetag-sys.com	1 redirects
1	ag.innovid.com	googleads.g.doubleclick.net
1	um.simpli.fi	1 redirects
1	sync-tm.everesttech.net	1 redirects
1	static-de.ad4mat.net	as.ad4m.at
1	pr-bh.ybp.yahoo.com	1 redirects
1	pixel-sync.sitescout.com	googleads.g.doubleclick.net
1	s.tribalfusion.com	googleads.g.doubleclick.net
1	a.tribalfusion.com	1 redirects
1	t.hspvst.com	googleads.g.doubleclick.net
1	ads.w55c.net	googleads.g.doubleclick.net
1	cti.w55c.net	googleads.g.doubleclick.net
1	i.w55c.net	sham-store.shop
1	prod-rtb.ad4mat.net	sham-store.shop
1	tr.blismedia.com	googleads.g.doubleclick.net
1	dclk-match.dotomi.com	googleads.g.doubleclick.net
1	fonts.gstatic.com	fonts.googleapis.com
1	d.adroll.com	s.adroll.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	secure.gravatar.com	sham-store.shop
1	fonts.googleapis.com	ajax.googleapis.com
1	ajax.googleapis.com	sham-store.shop
247	58

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.linkedin.com
www.tumblr.com
pinterest.com
reddit.com
api.whatsapp.com
vk.com
telegram.me

Subject Issuer	Validity	Valid
sham-store.shop R3	`2023-06-03` - `2023-09-01`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-05-22` - `2023-08-14`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-05-22` - `2023-08-14`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-05-22` - `2023-08-14`	3 months	crt.sh
s.adroll.com Amazon RSA 2048 M01	`2023-06-03` - `2024-07-01`	a year	crt.sh
*.gravatar.com Sectigo ECC Domain Validation Secure Server CA	`2022-11-23` - `2023-12-24`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-05-22` - `2023-08-14`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-05-22` - `2023-08-14`	3 months	crt.sh
d.adroll.com Amazon RSA 2048 M01	`2022-11-08` - `2023-12-07`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-05-22` - `2023-08-14`	3 months	crt.sh
*.nl3.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-18` - `2023-08-18`	3 months	crt.sh
*.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-13` - `2023-08-10`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-05-22` - `2023-08-14`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-27` - `2023-08-27`	3 months	crt.sh
*.eu.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-06-07` - `2023-08-30`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-05-22` - `2023-08-14`	3 months	crt.sh
*.fr3.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-06-03` - `2023-08-27`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2022-08-09` - `2023-09-10`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
tr.blismedia.com GTS CA 1D4	`2023-06-09` - `2023-09-07`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-12` - `2023-08-10`	3 months	crt.sh
prod-rtb.ad4mat.net GTS CA 1D4	`2023-06-04` - `2023-09-02`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-07` - `2024-05-06`	a year	crt.sh
*.w55c.net Amazon RSA 2048 M01	`2023-02-11` - `2023-10-12`	8 months	crt.sh
*.hspvst.com Gandi Standard SSL CA 2	`2022-12-12` - `2023-12-09`	a year	crt.sh
*.sitescout.com GeoTrust Global TLS RSA4096 SHA256 2022 CA1	`2023-01-09` - `2024-02-02`	a year	crt.sh
*.innovid.com RapidSSL TLS RSA CA G1	`2023-03-15` - `2024-04-14`	a year	crt.sh
www.awin1.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-10` - `2024-03-09`	a year	crt.sh
pv.medialead.de R3	`2023-06-14` - `2023-09-12`	3 months	crt.sh

This page contains 24 frames:

Primary Page: https://sham-store.shop/nc-lawmakers-seek-to-strip-gov-cooper-of-power-to-appoint-members-to-dem-majority-election-board/
Frame ID: 3BE1852E587E14997FD9739AD0E41C93
Requests: 81 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230613/r20190131/zrt_lookup.html
Frame ID: 5201635EB38297470FBE0756CB08E6A6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9491495309229936&output=html&adk=2969136045&adf=3689892565&lmt=1686844847&plat=4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x945_l&format=0x0&url=https%3A%2F%2Fsham-store.shop%2Fnc-lawmakers-seek-to-strip-gov-cooper-of-power-to-appoint-members-to-dem-majority-election-board%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686848932978&bpp=8&bdt=1239&idt=503&shv=r20230613&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8319186508196&frm=20&pv=2&ga_vid=2073141390.1686848933&ga_sid=1686848934&ga_hid=579987793&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31075067%2C31075307%2C44788442%2C44793499&oid=2&pvsid=2270913567180579&tmod=404543101&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=554
Frame ID: B098E49C7C3C45AFF7680A48416F2633
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9491495309229936&output=html&h=300&slotname=3912869825&adk=3132528263&adf=4266349633&pi=t.ma~as.3912869825&w=300&lmt=1686844847&format=300x300&url=https%3A%2F%2Fsham-store.shop%2Fnc-lawmakers-seek-to-strip-gov-cooper-of-power-to-appoint-members-to-dem-majority-election-board%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686848932986&bpp=1&bdt=1246&idt=615&shv=r20230613&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8319186508196&frm=20&pv=1&ga_vid=2073141390.1686848933&ga_sid=1686848934&ga_hid=579987793&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=456&ady=1084&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31075067%2C31075307%2C44788442%2C44793499&oid=2&pvsid=2270913567180579&tmod=404543101&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=VQnAvnlidG&p=https%3A//sham-store.shop&dtd=624
Frame ID: BC82E771AC3BE30D0169706E8A590D5B
Requests: 7 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZItFpQAKoJIDihcUAAxt306hxI4TPtlAkFuUOw&u=%7CpOyHuc4iCYztbRyRpCllwhGuh4pmA0YZz7E9kg14BpE%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuG02-JTbIw6iQcfCEIzTmgNg2xIeFvE2zkoMxsekyy3vtXJWQ6G1T5bkVzxWKmG_Ar0UZzfRX75JLvNVcAG-pJggGD1T_a3AGmDsDfjlmzdEOWpII0PaKONUMJTNMrks0ubUzhrnzIXYcG74jV5yNNszURFc1H1L4f9USugxwlXUjuKgoZSQNyLPRpksnyA3ZIB567O22q7UR4xs-zBipD9DHW0z6BJGcXR6ii7GWNE_NPSqDr3DLfuonk31P9c8T53XYoGZ6hvPEDYg7wUghUQv7_LgR9m6Q5wrQOayjGd4Ne99iOqnscX4OmmjXPpe2Je97df7bhIclFt1AqKt8FHABHmCGTUeZ-Z49rhi7Hxht7UtfUEZ8QzwUlqMIC97YuzVImOAbwQXjFCIC-N9T8WwqxYMzWry3XtiJHVVXhCqJNA8CilXM9RRUN2ml2PoSExRvZGuUY6MRIhkbAQ1Ce3sInU7hRA0Lnr40jfCZhwMUMsvtbSIxuCjv9YTqv5YO8LgyAabiQdcWTpxgh2f3xYWWF2hCIQ7c514brX27rETujaOFuvExeH9Zf4B9fdrdgmikG93PpBxL9jvyxwKq_M&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC1g2vpUWLZJLBKpSuqMwP39ux4AXJntKxXJXJlPdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTk0OTE0OTUzMDkyMjk5MzbIAQmpAvENXVuMMLI-qAMBqgSpAk_QUr2_zPM3ADn9I5B14TXmvWcNRbxJkUg3IldNf6J9gQ5vi_wT-QRuHuC2gQ0Wq47bFsRNSXzIxX_JPfu0ZE3QSgC8hMSHE_sF5E8QoGFpNtru4_hN-XJPYUcgcsyxnoRwqx3M3SdXYzNk_CRdxBm-S9iS7yc9WkFzsQVtVglAmSyEhz4SYxNxrf71Xd_UA142aRI5fLWvV_wtxBeTxi5oGRemagqbGKAcByLzdloToa5BZM_8P9Q3AYAYkpKy_TOBOEbOkiD4l2O04Rz8EpKZvneAQQYCT7qJU7eP_B49pJY1O3ElAQfaSJ7U0REPdggC5E_k-XsktDG806SqZNWq1hmamYkkDPKqDTUb5BPfUISXvSbYdtxCRiHiAen_bbgUyrYkbixXO4AG_cimh-TIuoC7AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_336cDRBWa3jBiIu3JYe34g8CGzgw%26client%3Dca-pub-9491495309229936%26adurl%3D
Frame ID: 3081CB28B73EB650701B963F7BB22C3A
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9491495309229936&output=html&h=280&adk=2781885241&adf=1138032768&pi=t.aa~a.2021211784~i.5~rp.4&w=720&fwrn=4&fwrnh=100&lmt=1686844847&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6110872385&ad_type=text_image&format=720x280&url=https%3A%2F%2Fsham-store.shop%2Fnc-lawmakers-seek-to-strip-gov-cooper-of-power-to-appoint-members-to-dem-majority-election-board%2F&fwr=0&pra=3&rh=180&rw=720&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686848934310&bpp=2&bdt=2571&idt=-M&shv=r20230613&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x300&nras=2&correlator=8319186508196&frm=20&pv=1&ga_vid=2073141390.1686848933&ga_sid=1686848934&ga_hid=579987793&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=246&ady=1769&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31075067%2C31075307%2C44788442%2C44793499&oid=2&pvsid=2270913567180579&tmod=404543101&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=Qp4WrJN3vU&p=https%3A//sham-store.shop&dtd=12
Frame ID: A5170C32F55FF2A3EEE9542836B60015
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9491495309229936&output=html&h=280&adk=2781885241&adf=2830067344&pi=t.aa~a.2021211784~i.13~rp.4&w=720&fwrn=4&fwrnh=100&lmt=1686844847&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6110872385&ad_type=text_image&format=720x280&url=https%3A%2F%2Fsham-store.shop%2Fnc-lawmakers-seek-to-strip-gov-cooper-of-power-to-appoint-members-to-dem-majority-election-board%2F&fwr=0&pra=3&rh=180&rw=720&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686848934310&bpp=1&bdt=2571&idt=1&shv=r20230613&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x300%2C720x280&nras=3&correlator=8319186508196&frm=20&pv=1&ga_vid=2073141390.1686848933&ga_sid=1686848934&ga_hid=579987793&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=246&ady=2428&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31075067%2C31075307%2C44788442%2C44793499&oid=2&pvsid=2270913567180579&tmod=404543101&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=ODk5yg2G6Q&p=https%3A//sham-store.shop&dtd=21
Frame ID: 46CA0902FB8A7C706BB2CC6C0C460F9B
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9491495309229936&output=html&h=280&adk=3384979410&adf=4113124724&pi=t.aa~a.977465027~rp.4&w=370&fwrn=4&fwrnh=100&lmt=1686844847&rafmt=1&to=qs&pwprc=6110872385&format=370x280&url=https%3A%2F%2Fsham-store.shop%2Fnc-lawmakers-seek-to-strip-gov-cooper-of-power-to-appoint-members-to-dem-majority-election-board%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686848934373&bpp=1&bdt=2633&idt=-M&shv=r20230613&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x300%2C720x280%2C720x280&nras=4&correlator=8319186508196&frm=20&pv=1&ga_vid=2073141390.1686848933&ga_sid=1686848934&ga_hid=579987793&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1015&ady=1764&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31075067%2C31075307%2C44788442%2C44793499&oid=2&pvsid=2270913567180579&tmod=404543101&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=274Evdaf5G&p=https%3A//sham-store.shop&dtd=53
Frame ID: 5A0274FAB349D6ADA3A297573F182509
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9491495309229936&output=html&h=280&adk=3384979410&adf=1761866724&pi=t.aa~a.1794496191~rp.4&w=370&fwrn=4&fwrnh=100&lmt=1686844847&rafmt=1&to=qs&pwprc=6110872385&format=370x280&url=https%3A%2F%2Fsham-store.shop%2Fnc-lawmakers-seek-to-strip-gov-cooper-of-power-to-appoint-members-to-dem-majority-election-board%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686848934373&bpp=2&bdt=2633&idt=2&shv=r20230613&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x300%2C720x280%2C720x280%2C370x280&nras=5&correlator=8319186508196&frm=20&pv=1&ga_vid=2073141390.1686848933&ga_sid=1686848934&ga_hid=579987793&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1015&ady=2830&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31075067%2C31075307%2C44788442%2C44793499&oid=2&pvsid=2270913567180579&tmod=404543101&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=QyQWQ5FHFg&p=https%3A//sham-store.shop&dtd=62
Frame ID: D63A63EA7F0C3E8E9B6D9796F0742191
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230613/r20110914/zrt_lookup.html?fsb=1
Frame ID: 3A106B34BC4065DB3F0FA52D364EFAD6
Requests: 8 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZItFpgAFkh4IFUB5AAWma9jxyQMlUq4uS6-HPQ&u=%7CCasp2cPCKnbE%2BySXCQ1Y12pYFJwgBkwyIaGElJ5HU%2F0%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC86yRqsQsL7Z8yozuPOp1T6J4tR9U6u_MOyamnthb2crK4OfPz7X2n4nd6xwzVxfkNM5PrG-JdWHxB0-HPypednthigxFwUfNZzPXAX5_E_GFHz6cYgPhP_k9gbJKLr6RpbGORKrrg_5jyMK09Y58mhaEV06INSZlRJ4LuYj_jbZMExIB8MHiVS4_bT3lntZcE0I1Hq26xeTH9l8Q8np0VlGXHWgr_np4LWba211bSXgs7Jn4CI1bad9yxTL8yRrwsuM4zVB0SS56ZEKsSdkpY1A8odqtzdmTlEg0ONoEoF6JHzM2nCVjoPr0aU7ogX47xCpeKVBPX7UPZ9_RQ_u404g7nwL5XE8QsqtQ9-8TOswl-2_TEb_O6GhHl_EFy4xYacA8IZxABGjvIhxhJoVw5bBK05YIY-H0Pab0K8z9mTor_-ddXGoilHTBvV4vkeRZcmyfi13QntIpawgAcWWIXA5v5mkNs0QjWTMFc0GQ6Vu5p0FHhVHasqwcgWJ7ZVxBOHm6yck-w_ecDG0jX7jUT8Ofk6CYXbHBSUwBWuA6pzwCawgDNT9dAjzk&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9XBSpkWLZJ6kFvmA1fAP68yW0A7JntKxXPWR3r6xAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi05NDkxNDk1MzA5MjI5OTM2yAEJqQKukW5srEmyPqgDAaoEzQJP0MAsqw4INKDI2-E2iKIvEl2M-eRrxlaZw6fj8zKHyv-FHQxUtsoHmOAT6TslAod3QBWnjMEp5Yqfm5oEp5dHNza3ZX4vNr-eCzf66FMK0NWxafZFdI0_yuJ9oOGXiwl0pTaQk60zGcR1qBguc_m3gvtT_VsnXbCjq4TI5tWP2i2Orc1IZ-WGewxUOWHmDoClZGat7LvJ2Txzr2kds44ZxnBop_qIntq8wRfP_RYGJ79CXI3B224MER8pUBaLIy9yH0HRI4GIr5HEz4NJvi0ZUTqgHq_8FIL_-ALf1kVFmxMRWe2EG7tl7byYsZzaGjv_AKL8aH0Vt3ajd6gRz2OOn0WMx0hT0HymoNfiCFcD5KKIMyBPOdbqd4fvGK2UR9taR5P9xPmns0r0HGdy6m9GMZX2-Agzm3huI7-IOjQh8wCSRfx7i1HjCKzddr2ABv3IpofkyLqAuwGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3wzYbUz4WrZa6JMBPIf44gRz87rA%26client%3Dca-pub-9491495309229936%26adurl%3D
Frame ID: D636943BF5713D88253B5409F32BE4DC
Requests: 17 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 2FCFA8DE3DA3931E15A7C9A0DB82C308
Requests: 9 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZItFpQAJzW8FKMnaAA3DC28Ir-r4kJpu-qp6Kg&u=%7CpOyHuc4iCYwkz5FhlF3q8iYBehTxVbIDj1%2FuQvpsk9s%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC86yRqsQsL7Z8ylK3oQt3W75db2RniAfsema07Cw_YSiW0zQHu58KEabXbgTJuEefw8Y5HuMqWXo4gZOVn_fIxYh4CbFJ5hN5RXfYPfjtk0pOoi7PqnUTmQFzxhHqYFuuoxLHl0NVn5_TUE_F7hxP4sKJZvWrd5QWyCKc-b5av8Hp4XTI3Nrp12E0HUiBZQHHSl55po4AGhUERYo9M_l0yT471w_eLKGXtvVt7dypNtywA1WhsqUU4htp7b9lS2K3oPaIKoEGqhaohTTAE3ScElvKdflZ4r46zZwrhm39d5uepquwoit2Jl8dx7RHbvETZ3uoxiQSeCXLqqOGVHXJlVcG3bA8zqQHhxLK6MPu83VYWdCGVawyjNTLBvB17wUfRCIQL8nJYvoHOPodTyY-BktRiG8s41M0r9Xoad4cRD_gqdutB6WW5XypDzWnbSfF5pwVi3NGwS9iWeQPOv8_y--nZodKoBxrP-e-T9rSQvIRj46LR3u7OImVyqH4t4Uca4PpQw-HwBKFroyQ-HJBj7_20neygc4sUdud5T4zDb5r9&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNmxvpUWLZO-aJ9qTo9kPi4a3kAHJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTk0OTE0OTUzMDkyMjk5MzbIAQmpAvENXVuMMLI-qAMBqgSkAk_QLPVbBi435W6xbEyTN81_5_oFWeGlSijoNjdYyd3hLDfL0xyRJeqnQtx5ceps4Rv--6MvT3XfgkFey2jG0klSlTiQn3x4vr1aGR2qVRNsD31RYmGEABWPgBp3slFSJA4LrKWTTczn66JbOqp0-naz1qrcHP15nRpRUP9jEdp9gFcGOMLhdNKAqOc6wimSW2q7GLqatnPqeB_x8eIxXFyG4FH1er-HYNC4x3hnB9gponhOaUfsx4Lex_q7Mgk_g_HZ3__sgTQzEfSbmUdAFVThaJhRkrtqLXhKXqvqbK5Jjfe_4mjtCDTiXzGg_Agbi-inFuRV_JYBj5RYg_hGbE6ptvDgF33qm05KhFTp0fI5WQufVI1V0G9-8ilmrk9uygKBOnGABv3IpofkyLqAuwGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1rMf0iNCmsD3eImawBVGy03ZSWog%26client%3Dca-pub-9491495309229936%26adurl%3D
Frame ID: BEF6F7FCBDCA349802EC10D9D9096B96
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CYi1UpkWLZNTXIKSio9kPsrOAyA2Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi05NDkxNDk1MzA5MjI5OTM2yAEJqQLxDV1bjDCyPqgDAaoEpgJP0D2RvJSABGTnkb-LtXbxn3xt1l9ZwH41ShS617bamQSHK0G7MF6gYyAn-WSoFDSz7CQS0fU6XWZ3TnIdVMcaUhHDYthG8rx3LT6v3TYM6JWI4CcLX0-3EsrWT-DTa3kT5909paaO42Uw2a1beruSeALaosloJv8gbm7Ga9vd72yXICk9zC4cff4vZgHCgYVTWjTnUmiblh9V0RWd1kRvfH2_z0IP6n8t5OX0BrB9lH6pvZ9Hk9f9N-2bZZ0Qq-T49DM8AEi2z8hs7AT82vDB24oxXPeofSJf6CZDsUIyLocmL__-qkGq9g9S7u0zSf-bkJ8ZnOM4fykREiY3q2zeogw2PL7vKRWLtM97j2E2L6FBZkQFI-FZvfxa9ef4U32Tl4NQ3ByABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBAgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTk0OTE0OTUzMDkyMjk5MzYYAA&sigh=MwIWW1Vw39A&uach_m=[UACH]&cid=CAQSKQBygQiD2x2afd31E9vKhh-Nl1q5Rxc1CZNXVJ3yoOcc8Ibyn5mOZeQ0GAE
Frame ID: 28BA169A1569EBE8A7BDA2CA790E25F3
Requests: 6 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1jnsbddp9qshcdhhcdqe503ys7vj0efr8caxtkz5jeqykmgfvqtfbahe8pr76z0kjfegf1sqf8xx3bhkjpcy8qmy7zj6xdbt13f90mevcgw4v8n05483yp9jq55q9r8kkyhsfrpgbydqvr1y0wsxan1d2wqvq67kh61tph5k54rwemwpezas2ncj0baedxmrqpkry6n8c4wfb33v83avbyrn3dat6waj9xnqdscjkej72vxegy2650b38awrdyxv978zrhkmmdbcshafvxfdy0s1zjmmcttrdtvjkymne7y6ppt0h1epxr36bxpc84pzw9235hztkvavhxb6ddgwmczyv2h9a4tvhhq3ptj7zt1grda83hdm6yr2yxvackkga8pzd0td8bv0707wyqg0qms3cq0xaqx9t8pxzn1wndmczmjvww9k0t8653etede0dnwyhccq6g&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCiBQtpkWLZNTXIKSio9kPsrOAyA2Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi05NDkxNDk1MzA5MjI5OTM2yAEJqQLxDV1bjDCyPqgDAaoEqQJP0D2RvJSABGTnkb-LtXbxn3xt1l9ZwH41ShS617bamQSHK0G7MF6gYyAn-WSoFDSz7CQS0fU6XWZ3TnIdVMcaUhHDYthG8rx3LT6v3TYM6JWI4CcLX0-3EsrWT-DTa3kT5909paaO42Uw2a1beruSeALaosloJv8gbm7Ga9vd72yXICk9zC4cff4vZgHCgYVTWjTnUmiblh9V0RWd1kRvfH2_z0IP6n8t5OX0BrB9lH6pvZ9Hk9f9N-2bZZ0Qq-T49DM8AEi2z8hs7AT82vDB24oxXPeofSJf6CZDsUIyLocmL__-qkGq9g9S7u0zSf-bkJ8ZnOM4fykREiY3q2ze4A4XrmkWrlVDM4ftVSik3ZhVbOkPDfmEPT4TZx9sTVGLQl_PnNSHC82ABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2FX3c_3M7rrPC8NKtA4Y11wBFiog%26client%3Dca-pub-9491495309229936%26adurl%3D
Frame ID: 070EFFE78A5ACDE372A418E368CC7F67
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: F9F849BB7A78163AB2B33F5B1CDE50DB
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=Co53bpkWLZM2jH-69qMwPhY2AoA66iLSPXJzX7u6pCMCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi05NDkxNDk1MzA5MjI5OTM2yAEJqAMBqgSmAk_QeI5jPnHjbwO2KhranJ7crDEf3c4g12QbAYgRJElfKDDJhEVr8brrGMKbC7P7b9mEOoCEMbDGe-QUzcRi8NlrHAuyNQ1uKSiXS-q93tEfpk9xErf6Zj1Xf8Uqa94EyD8ACPvJEF8LX5co-QBeL2pmTdXk38OIQGe9UqsrJlc5ff2B2pDuEDZgSBmbJvwrD6lfZ_EpFf725sZC34laOFaGRnGpkBsDTzfe93DttlW7hqvT6l6HXFSInUYzbzCTenK_8FSOoA1hU5324lUvf-GJRyIDXVjOSV2T77YdUG1okQiD_S60jIgmsmQ4nkrmsyi-eL5HUofOg5t9dzXsgrwq66MyqgHYs1v3Gznae2HA3DdUNQ4LvvlWVhzhSILRXFqSY4T-_YAGqtCz49CR94-5AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgECACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItOTQ5MTQ5NTMwOTIyOTkzNhgA&sigh=vihPJySJdWo&uach_m=[UACH]&cid=CAQSKQBygQiD9TGGZ-9eUxJKAbbLcKBQlM2UVXQ1eiZw5Wxs2MtZ0GuMF7YSGAE
Frame ID: 411128B0AAEEABBA36A411576B2FA141
Requests: 10 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZItFpgAFlbUIFUbKAAekx7mQnbrTCYG0kO4c6g&u=%7CCasp2cPCKnZi1TnHYgasWJ%2BxFo0wwD9YQHJZ1g%2FS%2BAs%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC86yRqsQsL7Z8yozuPOp1T6J4tR9U6u_MOyaInZeVL0CuJRM_4l4oIEvk2fMddbehpYxpXNk5QdwQkk3rWEK453ufXZ0c5FmVDOQYk2fcgOkugZI09TxCMBj8yWyMhAvuKSWRjlbhNdDtte6kDiCYAq0Qn3kdk_c_B8xXeVEfKCtlO026zDcF9nCR3KZyVgBqg-lhtLEXm4grn3WqoXSb-6ToECBXZCXLNSKYGm7o4hlMJYj6n2F41IGuC2V0FTV3r7WdRiu59veExiCOWQrkv7j-3SD-maOEWBXp6gxoR27Xcf-SHrY8QSXdGEVzHNoW6Mgb_rnLwiVGIKMy15eGUwZ-JiQuURFxRbzvcJ5Ad55fJLUCJO5fCqllA8wdkZGdrvkZO6L6Wpid1Muyh9GEVNZ0PMLB4zu1UxAsIAKOd2loMrhE8Htsurx4D9O6CC5-IXXDjFlzhrK_SaY4jXTJiWwLEhnFzqZuOug2SV4ELBZoZLKzL_7NSvEYwlFo6Xy0kcHcNiA2bTGsTQ6H-H0TBtLtZdHpTZs0Hjy1DQoRzoKXY7RLvrAUc_Ni237nKVKR1AA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCPmZ9pkWLZLWrFsqN1fAPx8meyAfJntKxXL2Ol_dwwI23ARABIABgleKQgqAHggEXY2EtcHViLTk0OTE0OTUzMDkyMjk5MzbIAQmpAvENXVuMMLI-qAMBqgTNAk_Qo8KFLlMLO9j5wwvzKiHv1XP-ej7BoX7qrwFufknxewB8HcM3rwYmXOqDIvK4CoYSOkHWbt8B7d_mQXceYgMf9dyjUeQR27wUCdwkYwLhRLH_bXizNSPJIzEk2NQIN_NwmZ8zOLYLpN1LBFI6t7L33wiBY2Lwe4zS3J4tjLo3JAXnP0ZR6CvwtnXyJE3OkOlUbTqVVw2Bof4xWAXIrScyiOtyPFRGNninpvm6dn3Th6Sm6Kg6xlakBVUShuLKFjnI7AFs-KYN4to2_wIB8TWgD8W8lhVCZxiiHHEhTdSDffHdJSpzUTb8U77nYLgqJ__IFJOd9_Wz9grOjQ8HyJuMFwyJjzfDIOusi9HOsT4hrfnn8mttOeObQ2Nk2PwVS8Uxhpu40Lh-sLXQw5H8vw_sgRWgZC5XCacFnFIBLjs0wOT_Q2Ucz4KDy0obZ4AG_cimh-TIuoC7AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1QhDvfpyRTLSNsBmKW8SHfqQ_PiA%26client%3Dca-pub-9491495309229936%26adurl%3D
Frame ID: 30DC75D9F3817F8A900D80BD9404C5AC
Requests: 15 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 39FD5E2CA90F9F2733CF91263E0E8DCA
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: D2F743DB295691FACDB2D0B404434EFB
Requests: 9 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 30E99D675FB50AE16743648E73661B1E
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=117569%2C192347%2C15573&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2CRpwtgfQfG9j4UkHwH3tQtddDa9SzTYY4SB39k%2CG1rtBfpfVz7cKHeHGtPtdwJHZSYTJJkCQV5M&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CQJga4fjfPr2ghxH5HYt9CZZWS6S4TGGESEz91%2CVb8twfmfRKbSVHbHAtXC4bmHBSzTggWuDJ7x&c=300&d=250&e=&g=a09da2b19851e393948fce9855bbb560%2F10899204150181853040&i=29981%2C20774%2C26474&j=16%2C14%2C41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1686848935831&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g8gfnq1vp2cqse166pasf3fz66qxzegd17a0nwwf9wbbn7y0464trpa1t1bz2c8em8y2ge2jzy3bv1dy13hxnrb7azxhdkwb236ersxkv4wz794bydcwwpc8m7pbp63nbtsn22t58tqjrx9zjfn4eeqfbtz6dbqgjkdkqrtfejsnqfzxrcxyqkmr7f7x9z2knt6bstez12998mx4gw1bk2vqcw5rzf4z0cza6z95de7exsywr059fax7bkjp95thzgjg1v0wmxwkaq970y90www%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCiBQtpkWLZNTXIKSio9kPsrOAyA2Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi05NDkxNDk1MzA5MjI5OTM2yAEJqQLxDV1bjDCyPqgDAaoEqQJP0D2RvJSABGTnkb-LtXbxn3xt1l9ZwH41ShS617bamQSHK0G7MF6gYyAn-WSoFDSz7CQS0fU6XWZ3TnIdVMcaUhHDYthG8rx3LT6v3TYM6JWI4CcLX0-3EsrWT-DTa3kT5909paaO42Uw2a1beruSeALaosloJv8gbm7Ga9vd72yXICk9zC4cff4vZgHCgYVTWjTnUmiblh9V0RWd1kRvfH2_z0IP6n8t5OX0BrB9lH6pvZ9Hk9f9N-2bZZ0Qq-T49DM8AEi2z8hs7AT82vDB24oxXPeofSJf6CZDsUIyLocmL__-qkGq9g9S7u0zSf-bkJ8ZnOM4fykREiY3q2ze4A4XrmkWrlVDM4ftVSik3ZhVbOkPDfmEPT4TZx9sTVGLQl_PnNSHC82ABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2FX3c_3M7rrPC8NKtA4Y11wBFiog%2526client%253Dca-pub-9491495309229936%2526adurl%253D&y=1&s=&z=0
Frame ID: 8E9BB55B4FC2A297C3EB3D49681E6701
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: E6AE16308C159B581556567EEB7EDEAB
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C44A713857E86B3D9EA0608E8ECDA42F
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

NC lawmakers seek to strip Gov. Cooper of power to appoint members to Dem-majority Election Board. - ShamCompany

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

AdRoll (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

(?:a|s)\.adroll\.com

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
googleapis\.com/.+webfont

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Lightbox (JavaScript Libraries) Expand

Swiper Slider (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

swiper(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

247
Requests

91 %
HTTPS

61 %
IPv6

39
Domains

58
Subdomains

45
IPs

10
Countries

4610 kB
Transfer

8121 kB
Size

29
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/sharer.php?u=https://sham-store.shop/nc-lawmakers-seek-to-strip-gov-cooper-of-power-to-appoint-members-to-dem-majority-election-board/
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=NC%20lawmakers%20seek%20to%20strip%20Gov.%20Cooper%20of%20power%20to%20appoint%20members%20to%20Dem-majority%20Election%20Board.&url=https://sham-store.shop/nc-lawmakers-seek-to-strip-gov-cooper-of-power-to-appoint-members-to-dem-majority-election-board/
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?mini=true&url=https://sham-store.shop/nc-lawmakers-seek-to-strip-gov-cooper-of-power-to-appoint-members-to-dem-majority-election-board/&title=NC%20lawmakers%20seek%20to%20strip%20Gov.%20Cooper%20of%20power%20to%20appoint%20members%20to%20Dem-majority%20Election%20Board.
Title: LinkedIn

Search URL Search Domain Scan URL

URL: https://www.tumblr.com/share/link?url=https://sham-store.shop/nc-lawmakers-seek-to-strip-gov-cooper-of-power-to-appoint-members-to-dem-majority-election-board/&name=NC%20lawmakers%20seek%20to%20strip%20Gov.%20Cooper%20of%20power%20to%20appoint%20members%20to%20Dem-majority%20Election%20Board.
Title: Tumblr

Search URL Search Domain Scan URL

URL: https://pinterest.com/pin/create/button/?url=https://sham-store.shop/nc-lawmakers-seek-to-strip-gov-cooper-of-power-to-appoint-members-to-dem-majority-election-board/&description=NC%20lawmakers%20seek%20to%20strip%20Gov.%20Cooper%20of%20power%20to%20appoint%20members%20to%20Dem-majority%20Election%20Board.&media=https://sham-store.shop/wp-content/uploads/2023/06/2018-12-08T010341Z_1_LYNXMPEEB7026_RTROPTP_4_USA-GOVERNORS-e1686842882377-870x522.jpg
Title: Pinterest

Search URL Search Domain Scan URL

URL: https://reddit.com/submit?url=https://sham-store.shop/nc-lawmakers-seek-to-strip-gov-cooper-of-power-to-appoint-members-to-dem-majority-election-board/&title=NC%20lawmakers%20seek%20to%20strip%20Gov.%20Cooper%20of%20power%20to%20appoint%20members%20to%20Dem-majority%20Election%20Board.
Title: Reddit

Search URL Search Domain Scan URL

URL: https://api.whatsapp.com/send?text=NC%20lawmakers%20seek%20to%20strip%20Gov.%20Cooper%20of%20power%20to%20appoint%20members%20to%20Dem-majority%20Election%20Board.%20https://sham-store.shop/nc-lawmakers-seek-to-strip-gov-cooper-of-power-to-appoint-members-to-dem-majority-election-board/
Title: WhatsApp

Search URL Search Domain Scan URL

URL: https://vk.com/share.php?url=https://sham-store.shop/nc-lawmakers-seek-to-strip-gov-cooper-of-power-to-appoint-members-to-dem-majority-election-board/
Title: VKontakte

Search URL Search Domain Scan URL

URL: https://telegram.me/share/url?url=https://sham-store.shop/nc-lawmakers-seek-to-strip-gov-cooper-of-power-to-appoint-members-to-dem-majority-election-board/&text=NC%20lawmakers%20seek%20to%20strip%20Gov.%20Cooper%20of%20power%20to%20appoint%20members%20to%20Dem-majority%20Election%20Board.
Title: Telegram

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 59

https://s.adroll.com/j/exp/BUHPN7SR7VCP7FT6JSGRON/index.js HTTP 302
https://s.adroll.com/j/exp/index.js

Request Chain 148

https://ads.travelaudience.com/google_pixel?google_gid=CAESEAP6rcxkij1S7r8WpUuS6oA&google_cver=1&google_push=ATf1kGNZk3Y09tHZSFCjSasJ0RuarFdbn-NmB0_lOX7d1EDkDQd6K9oGA4RTkd0QW8M740oj5xE6lV3KZSNJNhwUUeUNbIIIsOF9lRc HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=70SU3NTkTw21bb9ir_AVKA2&google_push=ATf1kGNZk3Y09tHZSFCjSasJ0RuarFdbn-NmB0_lOX7d1EDkDQd6K9oGA4RTkd0QW8M740oj5xE6lV3KZSNJNhwUUeUNbIIIsOF9lRc

Request Chain 150

https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEBmd0hBC_ROoiE65_OnVjH0&google_cver=1&google_push=ATf1kGP7T7lrNDd1vJer1dlGKcmQDasizuAxUSqOVMtTimJTB7DV_ltzobJRgmAQlQSUP4fJVbJEdHXc-7uzHJTEVF1_qBlHdGXDHu1J HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=ATf1kGP7T7lrNDd1vJer1dlGKcmQDasizuAxUSqOVMtTimJTB7DV_ltzobJRgmAQlQSUP4fJVbJEdHXc-7uzHJTEVF1_qBlHdGXDHu1J HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 183

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEKdFmENVFjE31ly6HCEDzh0&google_cver=1&google_push=ATf1kGPSivG8taL1dbv_7xbJ39gA9RW7eIKo95xfMp_tLW_UMwaGrFqLAUZOrqYpV7pI_pOAZieYMdU7Q3Q9kyClrdGP8RevyuXsyw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGPSivG8taL1dbv_7xbJ39gA9RW7eIKo95xfMp_tLW_UMwaGrFqLAUZOrqYpV7pI_pOAZieYMdU7Q3Q9kyClrdGP8RevyuXsyw

Request Chain 184

https://a.tribalfusion.com/i.match?p=b6&u=CAESEE1kC18_uEut35cpm337oZ8&google_cver=1&google_push=ATf1kGPRFLs8M_X5ozfkmMFTuWtmO6Dxkd1ogjc6YNsRCRPvEYlPJRCKtNEnoOGDOQpd5WkpInX3bvAcrcDj_p_3aXRxQdpjSMvW&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGPRFLs8M_X5ozfkmMFTuWtmO6Dxkd1ogjc6YNsRCRPvEYlPJRCKtNEnoOGDOQpd5WkpInX3bvAcrcDj_p_3aXRxQdpjSMvW%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEE1kC18_uEut35cpm337oZ8&google_cver=1&google_push=ATf1kGPRFLs8M_X5ozfkmMFTuWtmO6Dxkd1ogjc6YNsRCRPvEYlPJRCKtNEnoOGDOQpd5WkpInX3bvAcrcDj_p_3aXRxQdpjSMvW&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGPRFLs8M_X5ozfkmMFTuWtmO6Dxkd1ogjc6YNsRCRPvEYlPJRCKtNEnoOGDOQpd5WkpInX3bvAcrcDj_p_3aXRxQdpjSMvW%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 186

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEB5qRtp3LvwyI40D-1FpBJY&google_cver=1&google_push=ATf1kGNk9-lOL26X8ujllIoaaNuBjhpO7I4AcbuWdV5lRISnDGhnFzhLD99jFFFWVJB6Tpcn-ZaVf5hNQzBLb6d64Lqe1A0oQ8wGww HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEB5qRtp3LvwyI40D-1FpBJY&google_cver=1&google_push=ATf1kGNk9-lOL26X8ujllIoaaNuBjhpO7I4AcbuWdV5lRISnDGhnFzhLD99jFFFWVJB6Tpcn-ZaVf5hNQzBLb6d64Lqe1A0oQ8wGww HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODY0MDQxMTgzMTY2OTIwMzAwMw&google_push=ATf1kGNk9-lOL26X8ujllIoaaNuBjhpO7I4AcbuWdV5lRISnDGhnFzhLD99jFFFWVJB6Tpcn-ZaVf5hNQzBLb6d64Lqe1A0oQ8wGww

Request Chain 188

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEB5qRtp3LvwyI40D-1FpBJY&google_cver=1&google_push=ATf1kGM1ALPu-vutzWqUjZMlEU0FqkyzF8_GDcy6qJ3l6y8y3tFoPoTFx3Hz8ajlEJ1qigKPfPl57lQpeP1D1fBLToqtgZ4p7kyTng HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEB5qRtp3LvwyI40D-1FpBJY&google_cver=1&google_push=ATf1kGM1ALPu-vutzWqUjZMlEU0FqkyzF8_GDcy6qJ3l6y8y3tFoPoTFx3Hz8ajlEJ1qigKPfPl57lQpeP1D1fBLToqtgZ4p7kyTng HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDk4NjMxNjIzODk3Mjc2OTEyNQ&google_push=ATf1kGM1ALPu-vutzWqUjZMlEU0FqkyzF8_GDcy6qJ3l6y8y3tFoPoTFx3Hz8ajlEJ1qigKPfPl57lQpeP1D1fBLToqtgZ4p7kyTng

Request Chain 189

https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEBmd0hBC_ROoiE65_OnVjH0&google_cver=1&google_push=ATf1kGM-POFiML1wrHbtX2r1emmpur4QLS45u6zVxIjvfJetsnFojwNVuDbkYtO4TvuhhsO3UhgLS8hC08YG26nwKLtLY6j4Me_FzYE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=ATf1kGM-POFiML1wrHbtX2r1emmpur4QLS45u6zVxIjvfJetsnFojwNVuDbkYtO4TvuhhsO3UhgLS8hC08YG26nwKLtLY6j4Me_FzYE HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 194

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEAoCirb9647ZFJSYd17Nihg&google_cver=1&google_push=ATf1kGNhoGVEai0qFbvuGGUntH87XQfo-XOIVz7d5OeB6tNuDWb-H9JDVjcfD9y7RvjbJnRCxJRIu_ob0ObGm3mv-Nvu1X-_rF0Tb_Y HTTP 302
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ATf1kGNhoGVEai0qFbvuGGUntH87XQfo-XOIVz7d5OeB6tNuDWb-H9JDVjcfD9y7RvjbJnRCxJRIu_ob0ObGm3mv-Nvu1X-_rF0Tb_Y&google_hm=8BdmeMQJSOiNWKirwS34Lw

Request Chain 195

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEKdFmENVFjE31ly6HCEDzh0&google_cver=1&google_push=ATf1kGMC5x5KDt1AwWdBMyK8gaKPntqHOu0lF8sAqCKSnxeNeXSqY6vvp_NXIlrlWMyT7U6rFnp3s9iGjFlwCyJ5U8HEeNYG2kM50Q HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGMC5x5KDt1AwWdBMyK8gaKPntqHOu0lF8sAqCKSnxeNeXSqY6vvp_NXIlrlWMyT7U6rFnp3s9iGjFlwCyJ5U8HEeNYG2kM50Q

Request Chain 197

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEJLGCrOpg3Q5juGH_n6YYQk&google_cver=1&google_push=ATf1kGNd6HBoekRGxdiAu28kSO-p1dVcCgjtvcT5u3RR8AAPBkBpC1QJpsVGCUYcbSw7_GahdBC511UAUoqEjzKBKmVbUv8R9RX6mA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGNd6HBoekRGxdiAu28kSO-p1dVcCgjtvcT5u3RR8AAPBkBpC1QJpsVGCUYcbSw7_GahdBC511UAUoqEjzKBKmVbUv8R9RX6mA&google_hm=eS1vQ3pEbnpSRTJwSHRWdDNMRk95bzdkMnhwOVBoS19rdH5B

Request Chain 198

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEB5qRtp3LvwyI40D-1FpBJY&google_cver=1&google_push=ATf1kGMZcmFfa_q3aymy9vOu_FqIyoNpdFNV7CE8F62KYk3aFtj_M8eZa7kfqEoObUpMHTxpH-9f0RMlI-HHFqlfljsMWWdfq_GBj9A HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEB5qRtp3LvwyI40D-1FpBJY&google_cver=1&google_push=ATf1kGMZcmFfa_q3aymy9vOu_FqIyoNpdFNV7CE8F62KYk3aFtj_M8eZa7kfqEoObUpMHTxpH-9f0RMlI-HHFqlfljsMWWdfq_GBj9A HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzQ0MjQ4MTk4NDkyNjAzMTU1OQ&google_push=ATf1kGMZcmFfa_q3aymy9vOu_FqIyoNpdFNV7CE8F62KYk3aFtj_M8eZa7kfqEoObUpMHTxpH-9f0RMlI-HHFqlfljsMWWdfq_GBj9A

Request Chain 199

https://d5p.de17a.com/cookies/google?google_gid=CAESEB9sMxhg-1B2YvTQKw2DvhM&google_cver=1&google_push=ATf1kGOYTMIcnj-PC3TAJaq2_XfqwoZxOxrqGffxH-i7Ebsfvif6-8lk8TsjHy-9tDhZ1RYqyv3UKHs0-pijvVSz7eJpKsxbHytSFOw HTTP 302
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEB9sMxhg-1B2YvTQKw2DvhM&google_cver=1&google_push=ATf1kGOYTMIcnj-PC3TAJaq2_XfqwoZxOxrqGffxH-i7Ebsfvif6-8lk8TsjHy-9tDhZ1RYqyv3UKHs0-pijvVSz7eJpKsxbHytSFOw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ATf1kGOYTMIcnj-PC3TAJaq2_XfqwoZxOxrqGffxH-i7Ebsfvif6-8lk8TsjHy-9tDhZ1RYqyv3UKHs0-pijvVSz7eJpKsxbHytSFOw

Request Chain 200

https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEBmd0hBC_ROoiE65_OnVjH0&google_cver=1&google_push=ATf1kGM78yHOBojYsets1M25vqKbZvDSuFt7aW0wSofomf1kpNsO4yomft36exoqAqwPmU33f7cvBB09blD_EC75NRx67VE_lpfnqKY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=ATf1kGM78yHOBojYsets1M25vqKbZvDSuFt7aW0wSofomf1kpNsO4yomft36exoqAqwPmU33f7cvBB09blD_EC75NRx67VE_lpfnqKY HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 214

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESENEOqftSdTitNvYm7DnPKp0&google_cver=1&google_push=ATf1kGN31fKofDg2EuWsgRJQBWzdXFTMOnTVkP_JoywqAwPOdBZtrIXCAkwGSEpg-870RXjAa4fLPw3NVOwQ1zy5n4PPkVZ3taLylDs HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESENEOqftSdTitNvYm7DnPKp0&google_push=ATf1kGN31fKofDg2EuWsgRJQBWzdXFTMOnTVkP_JoywqAwPOdBZtrIXCAkwGSEpg-870RXjAa4fLPw3NVOwQ1zy5n4PPkVZ3taLylDs

Request Chain 215

https://um.simpli.fi/gp_match?google_gid=CAESENa8GaYOVmStxT5tHpSLw5I&google_cver=1&google_push=ATf1kGNKx3RuPYVbrgqGtCKXog2GVZzpiZAAPcejQyHHUU-6-g_JuDzGjlMrNbxGtBbAxArummPyBdpUva0mcVS0kH4uWc-5CrQSlo0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=6F41917FE21247A5A27EA049D8E18DA0&google_push=ATf1kGNKx3RuPYVbrgqGtCKXog2GVZzpiZAAPcejQyHHUU-6-g_JuDzGjlMrNbxGtBbAxArummPyBdpUva0mcVS0kH4uWc-5CrQSlo0

Request Chain 216

https://ads.travelaudience.com/google_pixel?google_gid=CAESEAP6rcxkij1S7r8WpUuS6oA&google_cver=1&google_push=ATf1kGPF489bAq8Gbqr8eKiTvWLH3sQ4uRQxerw3ql8xtQONWuqSEysBlDALwlDAvI5bHIxICxe7GzEpDvkaemmN_9R_l85Ud8cU9o4 HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=70SU3NTkTw21bb9ir_AVKA2&google_push=ATf1kGPF489bAq8Gbqr8eKiTvWLH3sQ4uRQxerw3ql8xtQONWuqSEysBlDALwlDAvI5bHIxICxe7GzEpDvkaemmN_9R_l85Ud8cU9o4

Request Chain 217

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEB5qRtp3LvwyI40D-1FpBJY&google_cver=1&google_push=ATf1kGNUEqvADT7lUm1KV97adldWY0XDywknhf5UUSlDYgDmuxh0P3XyZSnrIttfrDEhn5Jjcpr30PFI-pG8D8VsnTSinSCi_0q7FXk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODY0MDQxMTgzMTY2OTIwMzAwMw&google_push=ATf1kGNUEqvADT7lUm1KV97adldWY0XDywknhf5UUSlDYgDmuxh0P3XyZSnrIttfrDEhn5Jjcpr30PFI-pG8D8VsnTSinSCi_0q7FXk

Request Chain 218

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEB5qRtp3LvwyI40D-1FpBJY&google_cver=1&google_push=ATf1kGOjS-kwmqJoC9dNEmj69te9q3yB89mwXfuq7-vHwa67q4dCq5wtyWNMIdJnltMoHpPjNuWbUPdydHWKD_bd47QLgr8x2pivJg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODY0MDQxMTgzMTY2OTIwMzAwMw&google_push=ATf1kGOjS-kwmqJoC9dNEmj69te9q3yB89mwXfuq7-vHwa67q4dCq5wtyWNMIdJnltMoHpPjNuWbUPdydHWKD_bd47QLgr8x2pivJg

Request Chain 220

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEBbEDJPeqcPJuWlAP5714RM&google_cver=1&google_push=ATf1kGNMiKrshxLv3qCVTifqvN8-1P-vD-dob-2-IW2vgWjFbW4vPEWXUw33PIWhWS3jBzXEBZvTOBOscUAquqEFo_saqoAzhvnLt5k HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGNMiKrshxLv3qCVTifqvN8-1P-vD-dob-2-IW2vgWjFbW4vPEWXUw33PIWhWS3jBzXEBZvTOBOscUAquqEFo_saqoAzhvnLt5k

Request Chain 235

https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117703V1226132702M%26subid%3DviewoneidRpwtgfQfG9j4UkHwH3tQtddDa9SzTYY4SB39koneid__suite_Netmix_Reach121_BESTPERFORMER%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CKb9_fzhxf8CFQCW_QcdBrkOLg;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117703V1226132702M%26subid%3DviewoneidRpwtgfQfG9j4UkHwH3tQtddDa9SzTYY4SB39koneid__suite_Netmix_Reach121_BESTPERFORMER%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
https://www.telefonica-partner.de/tpv.php?t=117703V1226132702M&subid=viewoneidRpwtgfQfG9j4UkHwH3tQtddDa9SzTYY4SB39koneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.lead-alliance.net/tpv.php?t=117703V1226132702M&subid=viewoneidRpwtgfQfG9j4UkHwH3tQtddDa9SzTYY4SB39koneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117703&s_id=2023061519085685927015841X117703V1226132702MSviewoneidRpwtgfQfG9j4UkHwH3tQtddDa9SzTYY4SB39koneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&cons=0&spid=2023061519085685927015841X117703V1226132702MSviewoneidRpwtgfQfG9j4UkHwH3tQtddDa9SzTYY4SB39koneid__suite_Netmix_Reach121_BESTPERFORMER&wfid=117703&partnerid=12218

247 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
sham-store.shop/nc-lawmakers-seek-to-strip-gov-cooper-of-power-to-appoint-members-to-dem-majority-election-board/ 251 KB
59 KB 533ms
154ms Document
text/html 2a02:4780:b:852:0:ced:64b8:10
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://sham-store.shop/nc-lawmakers-seek-to-strip-gov-cooper-of-power-to-appoint-members-to-dem-majority-election-board/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:b:852:0:ced:64b8:10 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

6dac5f0abc3947e371bfbc0ee85641df8aebde0e0b03409ed8df991bea37b6d5

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
cache-control: public, max-age=0
content-encoding: gzip
content-length: 59694
content-security-policy: upgrade-insecure-requests
content-type: text/html; charset=UTF-8
date: Thu, 15 Jun 2023 17:08:51 GMT
expires: Thu, 15 Jun 2023 17:08:51 GMT
last-modified: Thu, 15 Jun 2023 16:00:47 GMT
platform: hostinger
server: LiteSpeed
vary: Accept-Encoding,Accept-Encoding

GET
H2 200 Screenshot_1-removebg-preview-2.png
sham-store.shop/wp-content/uploads/2023/02/ 9 KB
9 KB 291ms
289ms Image
image/png 2a02:4780:b:852:0:ced:64b8:10
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sham-store.shop/wp-content/uploads/2023/02/Screenshot_1-removebg-preview-2.png

Requested by

Host: sham-store.shop
URL: https://sham-store.shop/nc-lawmakers-seek-to-strip-gov-cooper-of-power-to-appoint-members-to-dem-majority-election-board/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:b:852:0:ced:64b8:10 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

d4fc8c1e4e27a926227938fbf2af0085a5b76ac56ff695b1208005a34b0ddbc9

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sham-store.shop/nc-lawmakers-seek-to-strip-gov-cooper-of-power-to-appoint-members-to-dem-majority-election-board/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 17:08:51 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Fri, 03 Feb 2023 22:20:45 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=10368000,public
accept-ranges: bytes
platform: hostinger
content-length: 9331
expires: Fri, 13 Oct 2023 17:08:51 GMT

GET
H2 200 2018-12-08T010341Z_1_LYNXMPEEB7026_RTROPTP_4_USA-GOVERNORS-e1686842882377-870x522-780x470.jpg
sham-store.shop/wp-content/uploads/2023/06/ 45 KB
45 KB 292ms
290ms Image
image/jpeg 2a02:4780:b:852:0:ced:64b8:10
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sham-store.shop/wp-content/uploads/2023/06/2018-12-08T010341Z_1_LYNXMPEEB7026_RTROPTP_4_USA-GOVERNORS-e1686842882377-870x522-780x470.jpg

Requested by

Host: sham-store.shop
URL: https://sham-store.shop/nc-lawmakers-seek-to-strip-gov-cooper-of-power-to-appoint-members-to-dem-majority-election-board/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:b:852:0:ced:64b8:10 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

b65d4e739a96948e44d42ea43453f3bb2cbbabdc59f0c053fa42d36bca7f345f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sham-store.shop/nc-lawmakers-seek-to-strip-gov-cooper-of-power-to-appoint-members-to-dem-majority-election-board/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 17:08:51 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Thu, 15 Jun 2023 16:00:46 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=10368000,public
accept-ranges: bytes
platform: hostinger
content-length: 45890
expires: Fri, 13 Oct 2023 17:08:51 GMT

GET
H2 200 tielabs-fonticon.woff
sham-store.shop/wp-content/themes/jannah/assets/fonts/tielabs-fonticon/ 40 KB
40 KB 290ms
289ms Font
application/font-woff 2a02:4780:b:852:0:ced:64b8:10
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://sham-store.shop/wp-content/themes/jannah/assets/fonts/tielabs-fonticon/tielabs-fonticon.woff

Requested by

Host: sham-store.shop
URL: https://sham-store.shop/nc-lawmakers-seek-to-strip-gov-cooper-of-power-to-appoint-members-to-dem-majority-election-board/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:b:852:0:ced:64b8:10 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

82649ad7d4ec9c61f1e525b2dade75153ffb03610b88d22e1ba3ba98fd55de81

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://sham-store.shop/nc-lawmakers-seek-to-strip-gov-cooper-of-power-to-appoint-members-to-dem-majority-election-board/
Origin: https://sham-store.shop
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 17:08:51 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 24 Dec 2022 13:50:24 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/font-woff
cache-control: public, max-age=2592000
accept-ranges: bytes
platform: hostinger
content-length: 40536
expires: Sat, 15 Jul 2023 17:08:51 GMT

GET
H2 200 fa-solid-900.woff2
sham-store.shop/wp-content/themes/jannah/assets/fonts/fontawesome/ 78 KB
78 KB 291ms
289ms Font
font/woff2 2a02:4780:b:852:0:ced:64b8:10
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://sham-store.shop/wp-content/themes/jannah/assets/fonts/fontawesome/fa-solid-900.woff2

Requested by

Host: sham-store.shop
URL: https://sham-store.shop/nc-lawmakers-seek-to-strip-gov-cooper-of-power-to-appoint-members-to-dem-majority-election-board/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:b:852:0:ced:64b8:10 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

7f4d3fd0a705dbf8403298aad91d5de6972e6b5d536068eba8b24954a5a0a8c7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://sham-store.shop/nc-lawmakers-seek-to-strip-gov-cooper-of-power-to-appoint-members-to-dem-majority-election-board/
Origin: https://sham-store.shop
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 17:08:51 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 24 Dec 2022 13:50:24 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: font/woff2
cache-control: public, max-age=10368000
accept-ranges: bytes
platform: hostinger
content-length: 79444
expires: Fri, 13 Oct 2023 17:08:51 GMT

GET
H2 200 fa-brands-400.woff2
sham-store.shop/wp-content/themes/jannah/assets/fonts/fontawesome/ 75 KB
75 KB 291ms
289ms Font
font/woff2 2a02:4780:b:852:0:ced:64b8:10
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://sham-store.shop/wp-content/themes/jannah/assets/fonts/fontawesome/fa-brands-400.woff2

Requested by

Host: sham-store.shop
URL: https://sham-store.shop/nc-lawmakers-seek-to-strip-gov-cooper-of-power-to-appoint-members-to-dem-majority-election-board/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:b:852:0:ced:64b8:10 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

5d9190292acdd48ba0fc35080f7e7448f3cdf0d79199a4d23f0f49b5341fdf29

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://sham-store.shop/nc-lawmakers-seek-to-strip-gov-cooper-of-power-to-appoint-members-to-dem-majority-election-board/
Origin: https://sham-store.shop
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 17:08:51 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 24 Dec 2022 13:50:24 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: font/woff2
cache-control: public, max-age=10368000
accept-ranges: bytes
platform: hostinger
content-length: 76612
expires: Fri, 13 Oct 2023 17:08:51 GMT

GET
H2 200 fa-regular-400.woff2
sham-store.shop/wp-content/themes/jannah/assets/fonts/fontawesome/ 13 KB
13 KB 291ms
290ms Font
font/woff2 2a02:4780:b:852:0:ced:64b8:10
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://sham-store.shop/wp-content/themes/jannah/assets/fonts/fontawesome/fa-regular-400.woff2

Requested by

Host: sham-store.shop
URL: https://sham-store.shop/nc-lawmakers-seek-to-strip-gov-cooper-of-power-to-appoint-members-to-dem-majority-election-board/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:b:852:0:ced:64b8:10 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

6a8c8e9e1e7f692c21af1956de163f3d026778e6449fe93a09a671847ca1ae65

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://sham-store.shop/nc-lawmakers-seek-to-strip-gov-cooper-of-power-to-appoint-members-to-dem-majority-election-board/
Origin: https://sham-store.shop
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 17:08:51 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 24 Dec 2022 13:50:24 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: font/woff2
cache-control: public, max-age=10368000
accept-ranges: bytes
platform: hostinger
content-length: 13584
expires: Fri, 13 Oct 2023 17:08:51 GMT

GET
H2 200 webfont.js Show response
ajax.googleapis.com/ajax/libs/webfont/1/ 13 KB
6 KB 116ms
36ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js

Requested by

Host: sham-store.shop
URL: https://sham-store.shop/nc-lawmakers-seek-to-strip-gov-cooper-of-power-to-appoint-members-to-dem-majority-election-board/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sham-store.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 09:51:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 26254
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5437
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 14 Jun 2024 09:51:17 GMT

GET
H2 200 classic-themes.min.css
sham-store.shop/wp-includes/css/ 217 B
338 B 297ms
297ms Stylesheet
text/css 2a02:4780:b:852:0:ced:64b8:10
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://sham-store.shop/wp-includes/css/classic-themes.min.css?ver=1

Requested by

Host: sham-store.shop
URL: https://sham-store.shop/nc-lawmakers-seek-to-strip-gov-cooper-of-power-to-appoint-members-to-dem-majority-election-board/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:b:852:0:ced:64b8:10 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sham-store.shop/nc-lawmakers-seek-to-strip-gov-cooper-of-power-to-appoint-members-to-dem-majority-election-board/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 17:08:51 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Thu, 16 Feb 2023 23:03:03 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000,public
accept-ranges: bytes
platform: hostinger
content-length: 217
expires: Fri, 14 Jun 2024 17:08:51 GMT

GET
H2 200 styles.css
sham-store.shop/wp-content/plugins/contact-form-7/includes/css/ 3 KB
984 B 446ms
444ms Stylesheet
text/css 2a02:4780:b:852:0:ced:64b8:10
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://sham-store.shop/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.7.7

Requested by

Host: sham-store.shop
URL: https://sham-store.shop/nc-lawmakers-seek-to-strip-gov-cooper-of-power-to-appoint-members-to-dem-majority-election-board/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:b:852:0:ced:64b8:10 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

ab21762c3f447aa08cbefd5ea3866165f925bd5058a9ae19e23721462de6fb60

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sham-store.shop/nc-lawmakers-seek-to-strip-gov-cooper-of-power-to-appoint-members-to-dem-majority-election-board/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 17:08:52 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Fri, 02 Jun 2023 22:36:20 GMT
server: LiteSpeed
vary: Accept-Encoding,Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000,public
accept-ranges: bytes
platform: hostinger
content-length: 877
expires: Fri, 14 Jun 2024 17:08:52 GMT

GET
H2 200 style.css
sham-store.shop/wp-content/plugins/taqyeem-buttons/assets/ 4 KB
1015 B 447ms
444ms Stylesheet
text/css 2a02:4780:b:852:0:ced:64b8:10
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://sham-store.shop/wp-content/plugins/taqyeem-buttons/assets/style.css?ver=6.1.3

Requested by

Host: sham-store.shop
URL: https://sham-store.shop/nc-lawmakers-seek-to-strip-gov-cooper-of-power-to-appoint-members-to-dem-majority-election-board/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:b:852:0:ced:64b8:10 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

ea2ababc30e456846310dfe02ae49db7fe6866c0cb5ad6b432c53bacda37b3c1

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sham-store.shop/nc-lawmakers-seek-to-strip-gov-cooper-of-power-to-appoint-members-to-dem-majority-election-board/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 17:08:52 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 24 Dec 2022 13:56:54 GMT
server: LiteSpeed
vary: Accept-Encoding,Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000,public
accept-ranges: bytes
platform: hostinger
content-length: 957
expires: Fri, 14 Jun 2024 17:08:52 GMT

GET
H2 200 wp-automatic.css
sham-store.shop/wp-content/plugins/wp-automatic/css/ 3 KB
599 B 447ms
445ms Stylesheet
text/css 2a02:4780:b:852:0:ced:64b8:10
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://sham-store.shop/wp-content/plugins/wp-automatic/css/wp-automatic.css?ver=1.0.0

Requested by

Host: sham-store.shop
URL: https://sham-store.shop/nc-lawmakers-seek-to-strip-gov-cooper-of-power-to-appoint-members-to-dem-majority-election-board/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:b:852:0:ced:64b8:10 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

9d105532b10ffe64f4dd076d7dbb8784e3abfe6d1ec8fc26cfe13ec5684a408d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sham-store.shop/nc-lawmakers-seek-to-strip-gov-cooper-of-power-to-appoint-members-to-dem-majority-election-board/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 17:08:52 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Tue, 21 Feb 2023 21:52:52 GMT
server: LiteSpeed
vary: Accept-Encoding,Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000,public
accept-ranges: bytes
platform: hostinger
content-length: 541
expires: Fri, 14 Jun 2024 17:08:52 GMT

GET
H2 200 swiper.min.css
sham-store.shop/wp-content/plugins/wp-tiktok-feed/assets/frontend/swiper/ 15 KB
4 KB 448ms
445ms Stylesheet
text/css 2a02:4780:b:852:0:ced:64b8:10
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://sham-store.shop/wp-content/plugins/wp-tiktok-feed/assets/frontend/swiper/swiper.min.css?ver=4.0.6

Requested by

Host: sham-store.shop
URL: https://sham-store.shop/nc-lawmakers-seek-to-strip-gov-cooper-of-power-to-appoint-members-to-dem-majority-election-board/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:b:852:0:ced:64b8:10 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

bf1e690b97fd97ddea7a60ef92058c356b1987ea28d6d9c9b397012ab712a297

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sham-store.shop/nc-lawmakers-seek-to-strip-gov-cooper-of-power-to-appoint-members-to-dem-majority-election-board/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 17:08:52 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Fri, 02 Jun 2023 22:36:23 GMT
server: LiteSpeed
vary: Accept-Encoding,Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000,public
accept-ranges: bytes
platform: hostinger
content-length: 3941
expires: Fri, 14 Jun 2024 17:08:52 GMT

GET
H2 200 style.css
sham-store.shop/wp-content/plugins/wp-tiktok-feed/build/frontend/css/ 53 KB
16 KB 448ms
446ms Stylesheet
text/css 2a02:4780:b:852:0:ced:64b8:10
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://sham-store.shop/wp-content/plugins/wp-tiktok-feed/build/frontend/css/style.css?ver=4.0.6

Requested by

Host: sham-store.shop
URL: https://sham-store.shop/nc-lawmakers-seek-to-strip-gov-cooper-of-power-to-appoint-members-to-dem-majority-election-board/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:b:852:0:ced:64b8:10 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

74e58c322b655fe36b03bd036c00a36e6792efcf5d3ca7b144c9f4e71ed30908

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sham-store.shop/nc-lawmakers-seek-to-strip-gov-cooper-of-power-to-appoint-members-to-dem-majority-election-board/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 17:08:52 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Fri, 02 Jun 2023 22:36:23 GMT
server: LiteSpeed
vary: Accept-Encoding,Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000,public
accept-ranges: bytes
platform: hostinger
content-length: 15975
expires: Fri, 14 Jun 2024 17:08:52 GMT

GET
H2 200 jquery.lazyloadxt.spinner.css
sham-store.shop/wp-content/plugins/a3-lazy-load/assets/css/ 311 B
208 B 448ms
446ms Stylesheet
text/css 2a02:4780:b:852:0:ced:64b8:10
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://sham-store.shop/wp-content/plugins/a3-lazy-load/assets/css/jquery.lazyloadxt.spinner.css?ver=6.1.3

Requested by

Host: sham-store.shop
URL: https://sham-store.shop/nc-lawmakers-seek-to-strip-gov-cooper-of-power-to-appoint-members-to-dem-majority-election-board/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:b:852:0:ced:64b8:10 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

d982c4fff78c63ed84481eb36845e3b9e2753bfe996a3ba45835f75c6af1dc55

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sham-store.shop/nc-lawmakers-seek-to-strip-gov-cooper-of-power-to-appoint-members-to-dem-majority-election-board/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 17:08:52 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Thu, 26 Jan 2023 16:37:13 GMT
server: LiteSpeed
vary: Accept-Encoding,Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000,public
accept-ranges: bytes
platform: hostinger
content-length: 151
expires: Fri, 14 Jun 2024 17:08:52 GMT

GET
H2 200 base.min.css
sham-store.shop/wp-content/themes/jannah/assets/css/ 41 KB
8 KB 449ms
447ms Stylesheet
text/css 2a02:4780:b:852:0:ced:64b8:10
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://sham-store.shop/wp-content/themes/jannah/assets/css/base.min.css?ver=5.4.7

Requested by

Host: sham-store.shop
URL: https://sham-store.shop/nc-lawmakers-seek-to-strip-gov-cooper-of-power-to-appoint-members-to-dem-majority-election-board/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:b:852:0:ced:64b8:10 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

aae68d7418f7820c7267d6dc0ec4f3f0935d15e965d5dfd0730ee15265cb932e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sham-store.shop/nc-lawmakers-seek-to-strip-gov-cooper-of-power-to-appoint-members-to-dem-majority-election-board/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 17:08:52 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 24 Dec 2022 13:50:24 GMT
server: LiteSpeed
vary: Accept-Encoding,Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000,public
accept-ranges: bytes
platform: hostinger
content-length: 7971
expires: Fri, 14 Jun 2024 17:08:52 GMT

GET
H2 200 style.min.css
sham-store.shop/wp-content/themes/jannah/assets/css/ 171 KB
27 KB 449ms
447ms Stylesheet
text/css 2a02:4780:b:852:0:ced:64b8:10
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://sham-store.shop/wp-content/themes/jannah/assets/css/style.min.css?ver=5.4.7

Requested by

Host: sham-store.shop
URL: https://sham-store.shop/nc-lawmakers-seek-to-strip-gov-cooper-of-power-to-appoint-members-to-dem-majority-election-board/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:b:852:0:ced:64b8:10 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

b4e54900492e7fa37b1da9dfb701b52ce20eb8709219e48f9db66b9fd547c429

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sham-store.shop/nc-lawmakers-seek-to-strip-gov-cooper-of-power-to-appoint-members-to-dem-majority-election-board/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 17:08:52 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 24 Dec 2022 13:50:24 GMT
server: LiteSpeed
vary: Accept-Encoding,Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000,public
accept-ranges: bytes
platform: hostinger
content-length: 27488
expires: Fri, 14 Jun 2024 17:08:52 GMT

GET
H2 200 widgets.min.css
sham-store.shop/wp-content/themes/jannah/assets/css/ 53 KB
9 KB 449ms
447ms Stylesheet
text/css 2a02:4780:b:852:0:ced:64b8:10
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://sham-store.shop/wp-content/themes/jannah/assets/css/widgets.min.css?ver=5.4.7

Requested by

Host: sham-store.shop
URL: https://sham-store.shop/nc-lawmakers-seek-to-strip-gov-cooper-of-power-to-appoint-members-to-dem-majority-election-board/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:b:852:0:ced:64b8:10 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

300c2a57d0ed169063b3daaff0550227cf8be6e702a58ab79f40a351df655243

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sham-store.shop/nc-lawmakers-seek-to-strip-gov-cooper-of-power-to-appoint-members-to-dem-majority-election-board/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 17:08:52 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 24 Dec 2022 13:50:24 GMT
server: LiteSpeed
vary: Accept-Encoding,Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000,public
accept-ranges: bytes
platform: hostinger
content-length: 8767
expires: Fri, 14 Jun 2024 17:08:52 GMT

GET
H2 200 helpers.min.css
sham-store.shop/wp-content/themes/jannah/assets/css/ 15 KB
3 KB 449ms
448ms Stylesheet
text/css 2a02:4780:b:852:0:ced:64b8:10
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://sham-store.shop/wp-content/themes/jannah/assets/css/helpers.min.css?ver=5.4.7

Requested by

Host: sham-store.shop
URL: https://sham-store.shop/nc-lawmakers-seek-to-strip-gov-cooper-of-power-to-appoint-members-to-dem-majority-election-board/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:b:852:0:ced:64b8:10 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

efd5ad608d8f3603b3eb9ca9f2c65ed45d7ca18acd0296fe5fc24b150eb4c4e9

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sham-store.shop/nc-lawmakers-seek-to-strip-gov-cooper-of-power-to-appoint-members-to-dem-majority-election-board/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 17:08:52 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 24 Dec 2022 13:50:24 GMT
server: LiteSpeed
vary: Accept-Encoding,Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000,public
accept-ranges: bytes
platform: hostinger
content-length: 3377
expires: Fri, 14 Jun 2024 17:08:52 GMT

GET
H2 200 fontawesome.css
sham-store.shop/wp-content/themes/jannah/assets/css/ 57 KB
12 KB 450ms
448ms Stylesheet
text/css 2a02:4780:b:852:0:ced:64b8:10
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://sham-store.shop/wp-content/themes/jannah/assets/css/fontawesome.css?ver=5.4.7

Requested by

Host: sham-store.shop
URL: https://sham-store.shop/nc-lawmakers-seek-to-strip-gov-cooper-of-power-to-appoint-members-to-dem-majority-election-board/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:b:852:0:ced:64b8:10 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

0f79c64f686102f8cc72db584b52c51dbd0720d7ade9a3284a3520bd91dc5328

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sham-store.shop/nc-lawmakers-seek-to-strip-gov-cooper-of-power-to-appoint-members-to-dem-majority-election-board/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 17:08:52 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 24 Dec 2022 13:50:24 GMT
server: LiteSpeed
vary: Accept-Encoding,Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000,public
accept-ranges: bytes
platform: hostinger
content-length: 12003
expires: Fri, 14 Jun 2024 17:08:52 GMT

GET
H2 200 skin.css
sham-store.shop/wp-content/themes/jannah/assets/ilightbox/dark-skin/ 12 KB
2 KB 450ms
449ms Stylesheet
text/css 2a02:4780:b:852:0:ced:64b8:10
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://sham-store.shop/wp-content/themes/jannah/assets/ilightbox/dark-skin/skin.css?ver=5.4.7

Requested by

Host: sham-store.shop
URL: https://sham-store.shop/nc-lawmakers-seek-to-strip-gov-cooper-of-power-to-appoint-members-to-dem-majority-election-board/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:b:852:0:ced:64b8:10 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

4879dcab21b2218432075c33aff13cea89de4f392f749eaef3df339f3f694c72

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sham-store.shop/nc-lawmakers-seek-to-strip-gov-cooper-of-power-to-appoint-members-to-dem-majority-election-board/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 17:08:52 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 24 Dec 2022 13:50:24 GMT
server: LiteSpeed
vary: Accept-Encoding,Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000,public
accept-ranges: bytes
platform: hostinger
content-length: 2036
expires: Fri, 14 Jun 2024 17:08:52 GMT

GET
H2 200 shortcodes.min.css
sham-store.shop/wp-content/themes/jannah/assets/css/plugins/ 11 KB
3 KB 450ms
449ms Stylesheet
text/css 2a02:4780:b:852:0:ced:64b8:10
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://sham-store.shop/wp-content/themes/jannah/assets/css/plugins/shortcodes.min.css?ver=5.4.7

Requested by

Host: sham-store.shop
URL: https://sham-store.shop/nc-lawmakers-seek-to-strip-gov-cooper-of-power-to-appoint-members-to-dem-majority-election-board/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:b:852:0:ced:64b8:10 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

bf3b52f874aebd7cfc4c49cc840977ec1fa179df6026c7cbb23794a3ccbde172

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sham-store.shop/nc-lawmakers-seek-to-strip-gov-cooper-of-power-to-appoint-members-to-dem-majority-election-board/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 17:08:52 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 24 Dec 2022 13:50:24 GMT
server: LiteSpeed
vary: Accept-Encoding,Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000,public
accept-ranges: bytes
platform: hostinger
content-length: 2577
expires: Fri, 14 Jun 2024 17:08:52 GMT

GET
H2 200 single.min.css
sham-store.shop/wp-content/themes/jannah/assets/css/ 40 KB
7 KB 451ms
450ms Stylesheet
text/css 2a02:4780:b:852:0:ced:64b8:10
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://sham-store.shop/wp-content/themes/jannah/assets/css/single.min.css?ver=5.4.7

Requested by

Host: sham-store.shop
URL: https://sham-store.shop/nc-lawmakers-seek-to-strip-gov-cooper-of-power-to-appoint-members-to-dem-majority-election-board/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:b:852:0:ced:64b8:10 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

f5010764339d94d1fa6a5cc219dd0ab07cfca326a11e866768b80d6081773950

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sham-store.shop/nc-lawmakers-seek-to-strip-gov-cooper-of-power-to-appoint-members-to-dem-majority-election-board/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 17:08:52 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 24 Dec 2022 13:50:24 GMT
server: LiteSpeed
vary: Accept-Encoding,Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000,public
accept-ranges: bytes
platform: hostinger
content-length: 7319
expires: Fri, 14 Jun 2024 17:08:52 GMT

GET
H3 200 print.css
sham-store.shop/wp-content/themes/jannah/assets/css/ 2 KB
724 B 526ms
523ms Stylesheet
text/css 2a02:4780:b:852:0:ced:64b8:10
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://sham-store.shop/wp-content/themes/jannah/assets/css/print.css?ver=5.4.7

Requested by

Host: sham-store.shop
URL: https://sham-store.shop/nc-lawmakers-seek-to-strip-gov-cooper-of-power-to-appoint-members-to-dem-majority-election-board/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:b:852:0:ced:64b8:10 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

03dd15a551c408fc3ee4496227c5b0798ead05885e535e47f3fa13b6d0fad687

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sham-store.shop/nc-lawmakers-seek-to-strip-gov-cooper-of-power-to-appoint-members-to-dem-majority-election-board/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 17:08:52 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 24 Dec 2022 13:50:24 GMT
server: LiteSpeed
vary: Accept-Encoding,Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000,public
accept-ranges: bytes
platform: hostinger
content-length: 632
expires: Fri, 14 Jun 2024 17:08:52 GMT

GET
H2 200 taqyeem.min.css
sham-store.shop/wp-content/themes/jannah/assets/css/plugins/ 7 KB
2 KB 451ms
450ms Stylesheet
text/css 2a02:4780:b:852:0:ced:64b8:10
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://sham-store.shop/wp-content/themes/jannah/assets/css/plugins/taqyeem.min.css?ver=5.4.7

Requested by

Host: sham-store.shop
URL: https://sham-store.shop/nc-lawmakers-seek-to-strip-gov-cooper-of-power-to-appoint-members-to-dem-majority-election-board/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:b:852:0:ced:64b8:10 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

8133f6e5c98f920ffbe15f23fc2bf00db1f8cdd8594f79a7a8571dc9695b9ed9

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sham-store.shop/nc-lawmakers-seek-to-strip-gov-cooper-of-power-to-appoint-members-to-dem-majority-election-board/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 17:08:52 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 24 Dec 2022 13:50:24 GMT
server: LiteSpeed
vary: Accept-Encoding,Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000,public
accept-ranges: bytes
platform: hostinger
content-length: 1620
expires: Fri, 14 Jun 2024 17:08:52 GMT

GET
H2 200 jquery.min.js Show response
sham-store.shop/wp-includes/js/jquery/ 88 KB
30 KB 450ms
450ms Script
application/x-javascript 2a02:4780:b:852:0:ced:64b8:10
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://sham-store.shop/wp-includes/js/jquery/jquery.min.js?ver=3.6.1

Requested by

Host: sham-store.shop
URL: https://sham-store.shop/nc-lawmakers-seek-to-strip-gov-cooper-of-power-to-appoint-members-to-dem-majority-election-board/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:b:852:0:ced:64b8:10 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sham-store.shop/nc-lawmakers-seek-to-strip-gov-cooper-of-power-to-appoint-members-to-dem-majority-election-board/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 17:08:52 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Thu, 16 Feb 2023 23:02:07 GMT
server: LiteSpeed
vary: Accept-Encoding,Accept-Encoding
content-type: application/x-javascript; charset=UTF-8
cache-control: public, max-age=604800,public
accept-ranges: bytes
platform: hostinger
content-length: 30075
expires: Thu, 22 Jun 2023 17:08:52 GMT

GET
H2 200 jquery-migrate.min.js Show response
sham-store.shop/wp-includes/js/jquery/ 11 KB
4 KB 448ms
448ms Script
application/x-javascript 2a02:4780:b:852:0:ced:64b8:10
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://sham-store.shop/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2

Requested by

Host: sham-store.shop
URL: https://sham-store.shop/nc-lawmakers-seek-to-strip-gov-cooper-of-power-to-appoint-members-to-dem-majority-election-board/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:b:852:0:ced:64b8:10 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sham-store.shop/nc-lawmakers-seek-to-strip-gov-cooper-of-power-to-appoint-members-to-dem-majority-election-board/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 17:08:52 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Thu, 16 Feb 2023 23:02:07 GMT
server: LiteSpeed
vary: Accept-Encoding,Accept-Encoding
content-type: application/x-javascript; charset=UTF-8
cache-control: public, max-age=604800,public
accept-ranges: bytes
platform: hostinger
content-length: 3984
expires: Thu, 22 Jun 2023 17:08:52 GMT

GET
H2 200 main-front.js Show response
sham-store.shop/wp-content/plugins/wp-automatic/js/ 1017 B
351 B 449ms
449ms Script
application/x-javascript 2a02:4780:b:852:0:ced:64b8:10
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://sham-store.shop/wp-content/plugins/wp-automatic/js/main-front.js?ver=6.1.3

Requested by

Host: sham-store.shop
URL: https://sham-store.shop/nc-lawmakers-seek-to-strip-gov-cooper-of-power-to-appoint-members-to-dem-majority-election-board/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:b:852:0:ced:64b8:10 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

d503937452e40c21fce10346b29287ad23b221a372547f248da87ca5efb55767

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sham-store.shop/nc-lawmakers-seek-to-strip-gov-cooper-of-power-to-appoint-members-to-dem-majority-election-board/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 17:08:52 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Tue, 21 Feb 2023 21:52:52 GMT
server: LiteSpeed
vary: Accept-Encoding,Accept-Encoding
content-type: application/x-javascript; charset=UTF-8
cache-control: public, max-age=604800,public
accept-ranges: bytes
platform: hostinger
content-length: 316
expires: Thu, 22 Jun 2023 17:08:52 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 177 KB
65 KB 135ms
52ms Script
application/javascript 2a00:1450:4001:802::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-256355281-1

Requested by

Host: sham-store.shop
URL: https://sham-store.shop/nc-lawmakers-seek-to-strip-gov-cooper-of-power-to-appoint-members-to-dem-majority-election-board/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

40233c691fc8e67260426396c713720f03f346a5e0a37bec080762d13b8fa130

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sham-store.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 17:08:52 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66233
x-xss-protection: 0
last-modified: Thu, 15 Jun 2023 16:06:55 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 15 Jun 2023 17:08:52 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 137 KB
47 KB 201ms
87ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9491495309229936

Requested by

Host: sham-store.shop
URL: https://sham-store.shop/nc-lawmakers-seek-to-strip-gov-cooper-of-power-to-appoint-members-to-dem-majority-election-board/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8404536e978aac3d30f769462b1b85b6e93c11b9e3dfa557cc1c33bc54b040bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sham-store.shop/
Origin: https://sham-store.shop
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 17:08:52 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47603
x-xss-protection: 0
server: cafe
etag: 17138557473391129187
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 15 Jun 2023 17:08:52 GMT

GET
H3 200 lazy_placeholder.gif
sham-store.shop/wp-content/plugins/a3-lazy-load/assets/images/ 42 B
125 B 525ms
523ms Image
image/gif 2a02:4780:b:852:0:ced:64b8:10
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sham-store.shop/wp-content/plugins/a3-lazy-load/assets/images/lazy_placeholder.gif

Requested by

Host: sham-store.shop
URL: https://sham-store.shop/nc-lawmakers-seek-to-strip-gov-cooper-of-power-to-appoint-members-to-dem-majority-election-board/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:b:852:0:ced:64b8:10 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sham-store.shop/nc-lawmakers-seek-to-strip-gov-cooper-of-power-to-appoint-members-to-dem-majority-election-board/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 17:08:52 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Thu, 26 Jan 2023 16:37:13 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: image/gif
cache-control: public, max-age=10368000,public
accept-ranges: bytes
platform: hostinger
content-length: 42
expires: Fri, 13 Oct 2023 17:08:52 GMT

GET
H3 200 imagesloaded.min.js Show response
sham-store.shop/wp-includes/js/ 5 KB
2 KB 157ms
157ms Script
application/x-javascript 2a02:4780:b:852:0:ced:64b8:10
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://sham-store.shop/wp-includes/js/imagesloaded.min.js?ver=4.1.4

Requested by

Host: sham-store.shop
URL: https://sham-store.shop/nc-lawmakers-seek-to-strip-gov-cooper-of-power-to-appoint-members-to-dem-majority-election-board/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:b:852:0:ced:64b8:10 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sham-store.shop/nc-lawmakers-seek-to-strip-gov-cooper-of-power-to-appoint-members-to-dem-majority-election-board/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 17:08:52 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Thu, 16 Feb 2023 23:02:09 GMT
server: LiteSpeed
vary: Accept-Encoding,Accept-Encoding
content-type: application/x-javascript; charset=UTF-8
cache-control: public, max-age=604800,public
accept-ranges: bytes
platform: hostinger
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 1721
expires: Thu, 22 Jun 2023 17:08:52 GMT

GET
H3 200 masonry.min.js Show response
sham-store.shop/wp-includes/js/ 24 KB
7 KB 157ms
157ms Script
application/x-javascript 2a02:4780:b:852:0:ced:64b8:10
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://sham-store.shop/wp-includes/js/masonry.min.js?ver=4.2.2

Requested by

Host: sham-store.shop
URL: https://sham-store.shop/nc-lawmakers-seek-to-strip-gov-cooper-of-power-to-appoint-members-to-dem-majority-election-board/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:b:852:0:ced:64b8:10 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

e00add38134eac2fb8e8e9c09cbfff7bbe57952b210322eb2eecb0a21fc055eb

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sham-store.shop/nc-lawmakers-seek-to-strip-gov-cooper-of-power-to-appoint-members-to-dem-majority-election-board/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 17:08:52 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Thu, 16 Feb 2023 23:02:11 GMT
server: LiteSpeed
vary: Accept-Encoding,Accept-Encoding
content-type: application/x-javascript; charset=UTF-8
cache-control: public, max-age=604800,public
accept-ranges: bytes
platform: hostinger
content-length: 7078
expires: Thu, 22 Jun 2023 17:08:52 GMT

GET
H3 200 index.js Show response
sham-store.shop/wp-content/plugins/contact-form-7/includes/swv/js/ 10 KB
3 KB 155ms
154ms Script
application/x-javascript 2a02:4780:b:852:0:ced:64b8:10
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://sham-store.shop/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.7.7

Requested by

Host: sham-store.shop
URL: https://sham-store.shop/nc-lawmakers-seek-to-strip-gov-cooper-of-power-to-appoint-members-to-dem-majority-election-board/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:b:852:0:ced:64b8:10 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

52db930f81d97113dde679cac624cb5435b56d4ac486e91a0b6692d2cb615a84

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sham-store.shop/nc-lawmakers-seek-to-strip-gov-cooper-of-power-to-appoint-members-to-dem-majority-election-board/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 17:08:52 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Fri, 02 Jun 2023 22:36:20 GMT
server: LiteSpeed
vary: Accept-Encoding,Accept-Encoding
content-type: application/x-javascript; charset=UTF-8
cache-control: public, max-age=604800,public
accept-ranges: bytes
platform: hostinger
content-length: 2877
expires: Thu, 22 Jun 2023 17:08:52 GMT

GET
H3 200 index.js Show response
sham-store.shop/wp-content/plugins/contact-form-7/includes/js/ 13 KB
4 KB 185ms
182ms Script
application/x-javascript 2a02:4780:b:852:0:ced:64b8:10
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://sham-store.shop/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.7.7

Requested by

Host: sham-store.shop
URL: https://sham-store.shop/nc-lawmakers-seek-to-strip-gov-cooper-of-power-to-appoint-members-to-dem-majority-election-board/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:b:852:0:ced:64b8:10 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

1060091178cbd6c843b802f516f230f1a3a1e85f1afbd6ef84d80e5430ba457e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sham-store.shop/nc-lawmakers-seek-to-strip-gov-cooper-of-power-to-appoint-members-to-dem-majority-election-board/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 17:08:52 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Fri, 02 Jun 2023 22:36:20 GMT
server: LiteSpeed
vary: Accept-Encoding,Accept-Encoding
content-type: application/x-javascript; charset=UTF-8
cache-control: public, max-age=604800,public
accept-ranges: bytes
platform: hostinger
content-length: 3906
expires: Thu, 22 Jun 2023 17:08:52 GMT

GET
H3 200 swiper.min.js Show response
sham-store.shop/wp-content/plugins/wp-tiktok-feed/assets/frontend/swiper/ 207 KB
41 KB 204ms
201ms Script
application/x-javascript 2a02:4780:b:852:0:ced:64b8:10
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://sham-store.shop/wp-content/plugins/wp-tiktok-feed/assets/frontend/swiper/swiper.min.js?ver=4.0.6

Requested by

Host: sham-store.shop
URL: https://sham-store.shop/nc-lawmakers-seek-to-strip-gov-cooper-of-power-to-appoint-members-to-dem-majority-election-board/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:b:852:0:ced:64b8:10 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

993d8adb5355f1f018b4b6eff0e082e1b0f8f30da9a2396b72645d5cbfb15bca

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sham-store.shop/nc-lawmakers-seek-to-strip-gov-cooper-of-power-to-appoint-members-to-dem-majority-election-board/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 17:08:52 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Fri, 02 Jun 2023 22:36:23 GMT
server: LiteSpeed
vary: Accept-Encoding,Accept-Encoding
content-type: application/x-javascript; charset=UTF-8
cache-control: public, max-age=604800,public
accept-ranges: bytes
platform: hostinger
content-length: 42321
expires: Thu, 22 Jun 2023 17:08:52 GMT

GET
H3 200 index.js Show response
sham-store.shop/wp-content/plugins/wp-tiktok-feed/build/frontend/js/ 87 KB
20 KB 382ms
379ms Script
application/x-javascript 2a02:4780:b:852:0:ced:64b8:10
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://sham-store.shop/wp-content/plugins/wp-tiktok-feed/build/frontend/js/index.js?ver=12f60fea822cc81408b1

Requested by

Host: sham-store.shop
URL: https://sham-store.shop/nc-lawmakers-seek-to-strip-gov-cooper-of-power-to-appoint-members-to-dem-majority-election-board/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:b:852:0:ced:64b8:10 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

91a1148af5baa1d6ea3a64540de9e114f23978d92b549e8a0f2e403a135e5d3a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sham-store.shop/nc-lawmakers-seek-to-strip-gov-cooper-of-power-to-appoint-members-to-dem-majority-election-board/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 17:08:52 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Fri, 02 Jun 2023 22:36:23 GMT
server: LiteSpeed
vary: Accept-Encoding,Accept-Encoding
content-type: application/x-javascript; charset=UTF-8
cache-control: public, max-age=604800,public
accept-ranges: bytes
platform: hostinger
content-length: 19980
expires: Thu, 22 Jun 2023 17:08:52 GMT

GET
H3 200 jquery.lazyloadxt.extra.min.js Show response
sham-store.shop/wp-content/plugins/a3-lazy-load/assets/js/ 3 KB
1 KB 185ms
182ms Script
application/x-javascript 2a02:4780:b:852:0:ced:64b8:10
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://sham-store.shop/wp-content/plugins/a3-lazy-load/assets/js/jquery.lazyloadxt.extra.min.js?ver=2.7.0

Requested by

Host: sham-store.shop
URL: https://sham-store.shop/nc-lawmakers-seek-to-strip-gov-cooper-of-power-to-appoint-members-to-dem-majority-election-board/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:b:852:0:ced:64b8:10 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

2b3c6f1d3cea37b4d8cc609a141b421a88bcaf2f3646965f9f95f4d4a683c949

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sham-store.shop/nc-lawmakers-seek-to-strip-gov-cooper-of-power-to-appoint-members-to-dem-majority-election-board/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 17:08:52 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Thu, 26 Jan 2023 16:37:13 GMT
server: LiteSpeed
vary: Accept-Encoding,Accept-Encoding
content-type: application/x-javascript; charset=UTF-8
cache-control: public, max-age=604800,public
accept-ranges: bytes
platform: hostinger
content-length: 1452
expires: Thu, 22 Jun 2023 17:08:52 GMT

GET
H3 200 jquery.lazyloadxt.srcset.min.js Show response
sham-store.shop/wp-content/plugins/a3-lazy-load/assets/js/ 2 KB
721 B 200ms
197ms Script
application/x-javascript 2a02:4780:b:852:0:ced:64b8:10
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://sham-store.shop/wp-content/plugins/a3-lazy-load/assets/js/jquery.lazyloadxt.srcset.min.js?ver=2.7.0

Requested by

Host: sham-store.shop
URL: https://sham-store.shop/nc-lawmakers-seek-to-strip-gov-cooper-of-power-to-appoint-members-to-dem-majority-election-board/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:b:852:0:ced:64b8:10 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

21dc21cf1cc77b458d114634e3775e70f229dc0c215b0c8958920e2079cb5a16

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sham-store.shop/nc-lawmakers-seek-to-strip-gov-cooper-of-power-to-appoint-members-to-dem-majority-election-board/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 17:08:52 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Thu, 26 Jan 2023 16:37:13 GMT
server: LiteSpeed
vary: Accept-Encoding,Accept-Encoding
content-type: application/x-javascript; charset=UTF-8
cache-control: public, max-age=604800,public
accept-ranges: bytes
platform: hostinger
content-length: 697
expires: Thu, 22 Jun 2023 17:08:52 GMT

GET
H3 200 jquery.lazyloadxt.extend.js Show response
sham-store.shop/wp-content/plugins/a3-lazy-load/assets/js/ 1 KB
341 B 203ms
200ms Script
application/x-javascript 2a02:4780:b:852:0:ced:64b8:10
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://sham-store.shop/wp-content/plugins/a3-lazy-load/assets/js/jquery.lazyloadxt.extend.js?ver=2.7.0

Requested by

Host: sham-store.shop
URL: https://sham-store.shop/nc-lawmakers-seek-to-strip-gov-cooper-of-power-to-appoint-members-to-dem-majority-election-board/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:b:852:0:ced:64b8:10 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

a8a819d7548b9c102d7776cb645212ca1e324ac2de2170598699061e29bc6cbf

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sham-store.shop/nc-lawmakers-seek-to-strip-gov-cooper-of-power-to-appoint-members-to-dem-majority-election-board/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 17:08:52 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Thu, 26 Jan 2023 16:37:13 GMT
server: LiteSpeed
vary: Accept-Encoding,Accept-Encoding
content-type: application/x-javascript; charset=UTF-8
cache-control: public, max-age=604800,public
accept-ranges: bytes
platform: hostinger
content-length: 317
expires: Thu, 22 Jun 2023 17:08:52 GMT

GET
H3 200 scripts.min.js Show response
sham-store.shop/wp-content/themes/jannah/assets/js/ 22 KB
6 KB 409ms
406ms Script
application/x-javascript 2a02:4780:b:852:0:ced:64b8:10
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://sham-store.shop/wp-content/themes/jannah/assets/js/scripts.min.js?ver=5.4.7

Requested by

Host: sham-store.shop
URL: https://sham-store.shop/nc-lawmakers-seek-to-strip-gov-cooper-of-power-to-appoint-members-to-dem-majority-election-board/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:b:852:0:ced:64b8:10 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

84f64586f3dd71280aa264aba2d068f6f2fd64cf039d37e4d4062c33e4e8fec4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sham-store.shop/nc-lawmakers-seek-to-strip-gov-cooper-of-power-to-appoint-members-to-dem-majority-election-board/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 17:08:52 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 24 Dec 2022 13:50:24 GMT
server: LiteSpeed
vary: Accept-Encoding,Accept-Encoding
content-type: application/x-javascript; charset=UTF-8
cache-control: public, max-age=604800,public
accept-ranges: bytes
platform: hostinger
content-length: 6588
expires: Thu, 22 Jun 2023 17:08:52 GMT

GET
H3 200 lightbox.js Show response
sham-store.shop/wp-content/themes/jannah/assets/ilightbox/ 80 KB
24 KB 421ms
418ms Script
application/x-javascript 2a02:4780:b:852:0:ced:64b8:10
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://sham-store.shop/wp-content/themes/jannah/assets/ilightbox/lightbox.js?ver=5.4.7

Requested by

Host: sham-store.shop
URL: https://sham-store.shop/nc-lawmakers-seek-to-strip-gov-cooper-of-power-to-appoint-members-to-dem-majority-election-board/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:b:852:0:ced:64b8:10 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

31a8dbe7c39cf4ffa9fe214267bc1aa73dca7304f689437bd4bb257066fa4b04

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sham-store.shop/nc-lawmakers-seek-to-strip-gov-cooper-of-power-to-appoint-members-to-dem-majority-election-board/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 17:08:52 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 24 Dec 2022 13:50:24 GMT
server: LiteSpeed
vary: Accept-Encoding,Accept-Encoding
content-type: application/x-javascript; charset=UTF-8
cache-control: public, max-age=604800,public
accept-ranges: bytes
platform: hostinger
content-length: 24142
expires: Thu, 22 Jun 2023 17:08:52 GMT

GET
H3 200 sliders.min.js Show response
sham-store.shop/wp-content/themes/jannah/assets/js/ 48 KB
11 KB 476ms
473ms Script
application/x-javascript 2a02:4780:b:852:0:ced:64b8:10
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://sham-store.shop/wp-content/themes/jannah/assets/js/sliders.min.js?ver=5.4.7

Requested by

Host: sham-store.shop
URL: https://sham-store.shop/nc-lawmakers-seek-to-strip-gov-cooper-of-power-to-appoint-members-to-dem-majority-election-board/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:b:852:0:ced:64b8:10 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

4aedd618e5afdcceeaeb82c1d6926175a4bb43dd363e9c64eacfca2ae80c9b60

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sham-store.shop/nc-lawmakers-seek-to-strip-gov-cooper-of-power-to-appoint-members-to-dem-majority-election-board/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 17:08:52 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 24 Dec 2022 13:50:24 GMT
server: LiteSpeed
vary: Accept-Encoding,Accept-Encoding
content-type: application/x-javascript; charset=UTF-8
cache-control: public, max-age=604800,public
accept-ranges: bytes
platform: hostinger
content-length: 11055
expires: Thu, 22 Jun 2023 17:08:52 GMT

GET
H3 200 shortcodes.js Show response
sham-store.shop/wp-content/themes/jannah/assets/js/ 11 KB
4 KB 484ms
481ms Script
application/x-javascript 2a02:4780:b:852:0:ced:64b8:10
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://sham-store.shop/wp-content/themes/jannah/assets/js/shortcodes.js?ver=5.4.7

Requested by

Host: sham-store.shop
URL: https://sham-store.shop/nc-lawmakers-seek-to-strip-gov-cooper-of-power-to-appoint-members-to-dem-majority-election-board/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:b:852:0:ced:64b8:10 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

b5c9fd37dca1ec56a382c45a38fd9aa8425a4b522200f6526b982902f3c3f06c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sham-store.shop/nc-lawmakers-seek-to-strip-gov-cooper-of-power-to-appoint-members-to-dem-majority-election-board/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 17:08:52 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 24 Dec 2022 13:50:24 GMT
server: LiteSpeed
vary: Accept-Encoding,Accept-Encoding
content-type: application/x-javascript; charset=UTF-8
cache-control: public, max-age=604800,public
accept-ranges: bytes
platform: hostinger
content-length: 3730
expires: Thu, 22 Jun 2023 17:08:52 GMT

GET
H3 200 desktop.min.js Show response
sham-store.shop/wp-content/themes/jannah/assets/js/ 16 KB
5 KB 487ms
484ms Script
application/x-javascript 2a02:4780:b:852:0:ced:64b8:10
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://sham-store.shop/wp-content/themes/jannah/assets/js/desktop.min.js?ver=5.4.7

Requested by

Host: sham-store.shop
URL: https://sham-store.shop/nc-lawmakers-seek-to-strip-gov-cooper-of-power-to-appoint-members-to-dem-majority-election-board/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:b:852:0:ced:64b8:10 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

7462bdf789a89db34e26ce9deeb27e2d532113145d71bb560aad30c67dceaf88

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sham-store.shop/nc-lawmakers-seek-to-strip-gov-cooper-of-power-to-appoint-members-to-dem-majority-election-board/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 17:08:52 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 24 Dec 2022 13:50:24 GMT
server: LiteSpeed
vary: Accept-Encoding,Accept-Encoding
content-type: application/x-javascript; charset=UTF-8
cache-control: public, max-age=604800,public
accept-ranges: bytes
platform: hostinger
content-length: 5192
expires: Thu, 22 Jun 2023 17:08:52 GMT

GET
H3 200 live-search.js Show response
sham-store.shop/wp-content/themes/jannah/assets/js/ 14 KB
4 KB 493ms
490ms Script
application/x-javascript 2a02:4780:b:852:0:ced:64b8:10
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://sham-store.shop/wp-content/themes/jannah/assets/js/live-search.js?ver=5.4.7

Requested by

Host: sham-store.shop
URL: https://sham-store.shop/nc-lawmakers-seek-to-strip-gov-cooper-of-power-to-appoint-members-to-dem-majority-election-board/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:b:852:0:ced:64b8:10 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

f38f91caae9d8ce4142ac627dba2f52d3cc848d13665f63221b3a55c56457635

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sham-store.shop/nc-lawmakers-seek-to-strip-gov-cooper-of-power-to-appoint-members-to-dem-majority-election-board/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 17:08:52 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 24 Dec 2022 13:50:24 GMT
server: LiteSpeed
vary: Accept-Encoding,Accept-Encoding
content-type: application/x-javascript; charset=UTF-8
cache-control: public, max-age=604800,public
accept-ranges: bytes
platform: hostinger
content-length: 4454
expires: Thu, 22 Jun 2023 17:08:52 GMT

GET
H3 200 single.min.js Show response
sham-store.shop/wp-content/themes/jannah/assets/js/ 5 KB
2 KB 502ms
499ms Script
application/x-javascript 2a02:4780:b:852:0:ced:64b8:10
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://sham-store.shop/wp-content/themes/jannah/assets/js/single.min.js?ver=5.4.7

Requested by

Host: sham-store.shop
URL: https://sham-store.shop/nc-lawmakers-seek-to-strip-gov-cooper-of-power-to-appoint-members-to-dem-majority-election-board/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:b:852:0:ced:64b8:10 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

e84a340caf47fb7f52d6d4eef3db512e84c911268acf1c5eb66b44887f343457

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sham-store.shop/nc-lawmakers-seek-to-strip-gov-cooper-of-power-to-appoint-members-to-dem-majority-election-board/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 17:08:52 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 24 Dec 2022 13:50:24 GMT
server: LiteSpeed
vary: Accept-Encoding,Accept-Encoding
content-type: application/x-javascript; charset=UTF-8
cache-control: public, max-age=604800,public
accept-ranges: bytes
platform: hostinger
content-length: 1809
expires: Thu, 22 Jun 2023 17:08:52 GMT

GET
H3 200 comment-reply.min.js Show response
sham-store.shop/wp-includes/js/ 3 KB
1 KB 506ms
503ms Script
application/x-javascript 2a02:4780:b:852:0:ced:64b8:10
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://sham-store.shop/wp-includes/js/comment-reply.min.js?ver=6.1.3

Requested by

Host: sham-store.shop
URL: https://sham-store.shop/nc-lawmakers-seek-to-strip-gov-cooper-of-power-to-appoint-members-to-dem-majority-election-board/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:b:852:0:ced:64b8:10 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sham-store.shop/nc-lawmakers-seek-to-strip-gov-cooper-of-power-to-appoint-members-to-dem-majority-election-board/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 17:08:52 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Thu, 16 Feb 2023 23:02:08 GMT
server: LiteSpeed
vary: Accept-Encoding,Accept-Encoding
content-type: application/x-javascript; charset=UTF-8
cache-control: public, max-age=604800,public
accept-ranges: bytes
platform: hostinger
content-length: 1229
expires: Thu, 22 Jun 2023 17:08:52 GMT

GET
H3 200 br-news.js Show response
sham-store.shop/wp-content/themes/jannah/assets/js/ 5 KB
2 KB 506ms
504ms Script
application/x-javascript 2a02:4780:b:852:0:ced:64b8:10
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://sham-store.shop/wp-content/themes/jannah/assets/js/br-news.js?ver=5.4.7

Requested by

Host: sham-store.shop
URL: https://sham-store.shop/nc-lawmakers-seek-to-strip-gov-cooper-of-power-to-appoint-members-to-dem-majority-election-board/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:b:852:0:ced:64b8:10 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

aba848a7cdbe0240e1fdf0b540d3dff72daa9df5b4502e311b3f27a9c85e5759

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sham-store.shop/nc-lawmakers-seek-to-strip-gov-cooper-of-power-to-appoint-members-to-dem-majority-election-board/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 17:08:52 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 24 Dec 2022 13:50:24 GMT
server: LiteSpeed
vary: Accept-Encoding,Accept-Encoding
content-type: application/x-javascript; charset=UTF-8
cache-control: public, max-age=604800,public
accept-ranges: bytes
platform: hostinger
content-length: 1782
expires: Thu, 22 Jun 2023 17:08:52 GMT

GET
H/1.1 200
OK roundtrip.js Show response
s.adroll.com/j/BUHPN7SR7VCP7FT6JSGRON/ 75 KB
23 KB 276ms
243ms Script
text/javascript 2600:9000:225e:fe00:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/BUHPN7SR7VCP7FT6JSGRON/roundtrip.js
Requested by: Host: sham-store.shop
URL: https://sham-store.shop/nc-lawmakers-seek-to-strip-gov-cooper-of-power-to-appoint-members-to-dem-majority-election-board/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:fe00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 721409a2f030d1759b758226c9155d911f49c36dddb22509392df6064515d8b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sham-store.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Thu, 15 Jun 2023 17:08:53 GMT
X-Amz-Version-Id: d2Nw2tYESmr0HXtgvtVMx07uZOk5fOET
Content-Encoding: gzip
Via: 1.1 9c920cc684a38b53bc9c7a44ba794874.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA60-P4
X-Amz-Server-Side-Encryption: AES256
Transfer-Encoding: chunked
X-Cache: Miss from cloudfront
Connection: keep-alive
Last-Modified: Thu, 15 Jun 2023 12:35:41 GMT
Server: AmazonS3
Etag: W/"4bfd445d7b01be3dd2766ea8cfe3bfdc"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Access-Control-Max-Age: 600
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: PbAV5XoVJ58wyAkc540kzuvnH020auyB-Ks-n63Rb_RGsPp31iLEPg==

GET
H3 200 loading.gif
sham-store.shop/wp-content/plugins/a3-lazy-load/assets/css/ 2 KB
2 KB 485ms
485ms Image
image/gif 2a02:4780:b:852:0:ced:64b8:10
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sham-store.shop/wp-content/plugins/a3-lazy-load/assets/css/loading.gif

Requested by

Host: sham-store.shop
URL: https://sham-store.shop/wp-content/plugins/a3-lazy-load/assets/css/jquery.lazyloadxt.spinner.css?ver=6.1.3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:b:852:0:ced:64b8:10 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

b6e4dff920e21e3f436a014140d01d43c97177e007556ede69f772f08cb7a7ec

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sham-store.shop/wp-content/plugins/a3-lazy-load/assets/css/jquery.lazyloadxt.spinner.css?ver=6.1.3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 17:08:52 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Thu, 26 Jan 2023 16:37:13 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: image/gif
cache-control: public, max-age=10368000,public
accept-ranges: bytes
platform: hostinger
content-length: 1690
expires: Fri, 13 Oct 2023 17:08:52 GMT

GET
H3 200 230130-one-time-use-brackeen-family-scotus-tribal-adoptions-se-1211p-fbb4ca-390x220.jpg
sham-store.shop/wp-content/uploads/2023/06/ 16 KB
16 KB 500ms
500ms Image
image/jpeg 2a02:4780:b:852:0:ced:64b8:10
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sham-store.shop/wp-content/uploads/2023/06/230130-one-time-use-brackeen-family-scotus-tribal-adoptions-se-1211p-fbb4ca-390x220.jpg

Requested by

Host: sham-store.shop
URL: https://sham-store.shop/nc-lawmakers-seek-to-strip-gov-cooper-of-power-to-appoint-members-to-dem-majority-election-board/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:b:852:0:ced:64b8:10 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

343757d3dfd6f25891141c8ae26a580e0fdee4d8aebe67eb118effcec5599c99

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sham-store.shop/nc-lawmakers-seek-to-strip-gov-cooper-of-power-to-appoint-members-to-dem-majority-election-board/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 17:08:52 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Thu, 15 Jun 2023 14:56:05 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=10368000,public
accept-ranges: bytes
platform: hostinger
content-length: 16788
expires: Fri, 13 Oct 2023 17:08:52 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 215 KB
77 KB 54ms
54ms Script
application/javascript 2a00:1450:4001:802::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-42WJ63WTBL&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-256355281-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

be17dafcda80034da42aed014dab740f471a837d939058473e9d72394c541455

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sham-store.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 17:08:52 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 78865
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 15 Jun 2023 17:08:52 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 51 KB
21 KB 383ms
42ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-256355281-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sham-store.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 15 Jun 2023 17:04:48 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 245
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20737
expires: Thu, 15 Jun 2023 19:04:48 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 203 KB
74 KB 79ms
78ms Script
application/javascript 2a00:1450:4001:802::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-XFTRVMTHCV&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-256355281-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c9d18e30d3bf47a44c7a09b18bfb60ed8bb519f62f33d7501eb7d365f2a09d0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sham-store.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 17:08:52 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 75569
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 15 Jun 2023 17:08:52 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306080101/ 352 KB
118 KB 195ms
117ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9491495309229936&plah=sham-store.shop

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9491495309229936

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6aeeb0b332de2e7c47cac0b796ac6aac7c9b32fed8b0f1efa610ba6f1d712634

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sham-store.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 17:08:53 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 120776
x-xss-protection: 0
server: cafe
etag: 3211756255075383112
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 15 Jun 2023 17:08:53 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230613/r20190131/ Frame 5201 10 KB
5 KB 131ms
38ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230613/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9491495309229936

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sham-store.shop/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 3618
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4540
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 15 Jun 2023 16:08:35 GMT
etag: 15057649708203361565
expires: Thu, 29 Jun 2023 16:08:35 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 ping
pagead2.googlesyndication.com/pagead/ 0
0 74ms
73ms Fetch
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9491495309229936
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://sham-store.shop/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H3 200 admin-ajax.php Show response
sham-store.shop/wp-admin/ 63 B
270 B 302ms
302ms XHR
text/html 2a02:4780:b:852:0:ced:64b8:10
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://sham-store.shop/wp-admin/admin-ajax.php?postviews_id=7002&action=tie_postviews&_=1686848932701

Requested by

Host: sham-store.shop
URL: https://sham-store.shop/wp-includes/js/jquery/jquery.min.js?ver=3.6.1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:b:852:0:ced:64b8:10 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed / PHP/7.4.33

Resource Hash

9744b18fa7785cf5f18633b1d8949676896bb28df52e4eff76a3be55f225731e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Referer: https://sham-store.shop/nc-lawmakers-seek-to-strip-gov-cooper-of-power-to-appoint-members-to-dem-majority-election-board/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 17:08:53 GMT
content-encoding: br
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: LiteSpeed
content-security-policy: upgrade-insecure-requests
x-powered-by: PHP/7.4.33
x-frame-options: SAMEORIGIN
vary: Accept-Encoding,Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate, max-age=0
x-robots-tag: noindex
platform: hostinger
content-length: 67
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ 4 KB
1005 B 133ms
46ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:600,regular&subset=latin&display=swap

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0c0084a5075fbd8177e85f6e8d5401f016387735fd92accf20ce5d5da375befa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sham-store.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 15 Jun 2023 17:08:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 15 Jun 2023 17:04:40 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 15 Jun 2023 17:08:53 GMT

GET
H/1.1

200
OK

index.js Show response
s.adroll.com/j/exp/
Redirect Chain

https://s.adroll.com/j/exp/BUHPN7SR7VCP7FT6JSGRON/index.js
https://s.adroll.com/j/exp/index.js

28 B
785 B

9ms
8ms

Script
application/javascript

2600:9000:225e:fe00:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/exp/index.js
Requested by: Host: sham-store.shop
URL: https://sham-store.shop/nc-lawmakers-seek-to-strip-gov-cooper-of-power-to-appoint-members-to-dem-majority-election-board/
Protocol: HTTP/1.1
Server: 2600:9000:225e:fe00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sham-store.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

X-Amz-Version-Id: KLTaAvzmAP.1_rS.URSLlTS3u46mZQHP
Date: Thu, 15 Jun 2023 10:49:42 GMT
Via: 1.1 9c920cc684a38b53bc9c7a44ba794874.cloudfront.net (CloudFront)
Age: 22754
X-Amz-Cf-Pop: FRA60-P4
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 28
Last-Modified: Tue, 21 Mar 2023 16:39:30 GMT
Server: AmazonS3
Etag: "5816cced8568d223aa09d889f300692b"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 600
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: -KqcjsV1PMh7mbz_W6A8KY4P1bMWhBlDTcbd2qwGb_PN5kN57yCNsA==

Redirect headers

Date: Thu, 15 Jun 2023 17:08:53 GMT
Via: 1.1 9c920cc684a38b53bc9c7a44ba794874.cloudfront.net (CloudFront)
Server: AmazonS3
X-Amz-Cf-Pop: FRA60-P4
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/xml
Location: https://s.adroll.com/j/exp/index.js
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Connection: keep-alive
Access-Control-Allow-Headers: *
Content-Length: 0
X-Cache: Error from cloudfront
X-Amz-Cf-Id: kqy8JAS1gu-GYvS2zuPdVOqwioN0CDBpBbRy0oQt9N34_hvKotPvgQ==

GET
H2 200 9cc9a90ca3844bed6fcc4e98a3ea2eb8
secure.gravatar.com/avatar/ 39 KB
39 KB 190ms
151ms Image
image/png 2a04:fa87:fffe::c000:4902
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.gravatar.com/avatar/9cc9a90ca3844bed6fcc4e98a3ea2eb8?s=140&d=mm&r=g
Requested by: Host: sham-store.shop
URL: https://sham-store.shop/nc-lawmakers-seek-to-strip-gov-cooper-of-power-to-appoint-members-to-dem-majority-election-board/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 6348856d7c573d71936594315c5928c707be4ba69f74c6e35aa6639a67161cd8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sham-store.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-nc: MISS hhn 1
date: Thu, 15 Jun 2023 17:08:53 GMT
last-modified: Mon, 30 May 2022 18:29:37 GMT
server: nginx
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=300
content-disposition: inline; filename="9cc9a90ca3844bed6fcc4e98a3ea2eb8.png"
accept-ranges: bytes
link: <https://www.gravatar.com/avatar/9cc9a90ca3844bed6fcc4e98a3ea2eb8?s=140&d=mm&r=g>; rel="canonical"
content-length: 39797
expires: Thu, 15 Jun 2023 17:13:53 GMT

GET
H3 200 2018-12-08T010341Z_1_LYNXMPEEB7026_RTROPTP_4_USA-GOVERNORS-e1686842882377-870x522-220x150.jpg
sham-store.shop/wp-content/uploads/2023/06/ 10 KB
10 KB 156ms
154ms Image
image/jpeg 2a02:4780:b:852:0:ced:64b8:10
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sham-store.shop/wp-content/uploads/2023/06/2018-12-08T010341Z_1_LYNXMPEEB7026_RTROPTP_4_USA-GOVERNORS-e1686842882377-870x522-220x150.jpg

Requested by

Host: sham-store.shop
URL: https://sham-store.shop/nc-lawmakers-seek-to-strip-gov-cooper-of-power-to-appoint-members-to-dem-majority-election-board/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:b:852:0:ced:64b8:10 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

65b8fbd7e61c22d364459a3e2b57ec865e2c63e7b3c9a20af909c05bbc00e023

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sham-store.shop/nc-lawmakers-seek-to-strip-gov-cooper-of-power-to-appoint-members-to-dem-majority-election-board/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 17:08:53 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Thu, 15 Jun 2023 16:00:46 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=10368000,public
accept-ranges: bytes
platform: hostinger
content-length: 9865
expires: Fri, 13 Oct 2023 17:08:53 GMT

GET
H3 200 230130-one-time-use-brackeen-family-scotus-tribal-adoptions-se-1211p-fbb4ca-220x150.jpg
sham-store.shop/wp-content/uploads/2023/06/ 8 KB
8 KB 162ms
159ms Image
image/jpeg 2a02:4780:b:852:0:ced:64b8:10
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sham-store.shop/wp-content/uploads/2023/06/230130-one-time-use-brackeen-family-scotus-tribal-adoptions-se-1211p-fbb4ca-220x150.jpg

Requested by

Host: sham-store.shop
URL: https://sham-store.shop/nc-lawmakers-seek-to-strip-gov-cooper-of-power-to-appoint-members-to-dem-majority-election-board/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:b:852:0:ced:64b8:10 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

87c9f17c7ce6807645c4de0bad67630974d3e68f03ff1af5ac94dd8b9784265c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sham-store.shop/nc-lawmakers-seek-to-strip-gov-cooper-of-power-to-appoint-members-to-dem-majority-election-board/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 17:08:53 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Thu, 15 Jun 2023 14:56:05 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=10368000,public
accept-ranges: bytes
platform: hostinger
content-length: 8299
expires: Fri, 13 Oct 2023 17:08:53 GMT

GET
H3 200 warning-sign-220x150.jpg
sham-store.shop/wp-content/uploads/2023/06/ 13 KB
14 KB 196ms
194ms Image
image/jpeg 2a02:4780:b:852:0:ced:64b8:10
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sham-store.shop/wp-content/uploads/2023/06/warning-sign-220x150.jpg

Requested by

Host: sham-store.shop
URL: https://sham-store.shop/nc-lawmakers-seek-to-strip-gov-cooper-of-power-to-appoint-members-to-dem-majority-election-board/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:b:852:0:ced:64b8:10 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

d3a2b63d63e5bd8b60b9370bcb292d2f6e76a10f6f3e5d0284db3c8074a847ef

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sham-store.shop/nc-lawmakers-seek-to-strip-gov-cooper-of-power-to-appoint-members-to-dem-majority-election-board/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 17:08:53 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Thu, 15 Jun 2023 14:53:26 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=10368000,public
accept-ranges: bytes
platform: hostinger
content-length: 13801
expires: Fri, 13 Oct 2023 17:08:53 GMT

GET
H3 200 230615-zelenskyy-mb-1345-42c227-220x150.png
sham-store.shop/wp-content/uploads/2023/06/ 41 KB
41 KB 167ms
165ms Image
image/png 2a02:4780:b:852:0:ced:64b8:10
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sham-store.shop/wp-content/uploads/2023/06/230615-zelenskyy-mb-1345-42c227-220x150.png

Requested by

Host: sham-store.shop
URL: https://sham-store.shop/nc-lawmakers-seek-to-strip-gov-cooper-of-power-to-appoint-members-to-dem-majority-election-board/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:b:852:0:ced:64b8:10 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

d68aeef2cc5d1b7ac7adf3dcba64ea7d90950c5805cf3626f6a66e1f7e30b238

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sham-store.shop/nc-lawmakers-seek-to-strip-gov-cooper-of-power-to-appoint-members-to-dem-majority-election-board/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 17:08:53 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Thu, 15 Jun 2023 13:51:24 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=10368000,public
accept-ranges: bytes
platform: hostinger
content-length: 41757
expires: Fri, 13 Oct 2023 17:08:53 GMT

GET
H3 200 ap23116623714995-220x150.jpg
sham-store.shop/wp-content/uploads/2023/06/ 7 KB
7 KB 191ms
189ms Image
image/jpeg 2a02:4780:b:852:0:ced:64b8:10
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sham-store.shop/wp-content/uploads/2023/06/ap23116623714995-220x150.jpg

Requested by

Host: sham-store.shop
URL: https://sham-store.shop/nc-lawmakers-seek-to-strip-gov-cooper-of-power-to-appoint-members-to-dem-majority-election-board/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:b:852:0:ced:64b8:10 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

a68bebfc54f52106e1a683307f6bc9b344573d8d46bca22194585b807ffd0f64

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sham-store.shop/nc-lawmakers-seek-to-strip-gov-cooper-of-power-to-appoint-members-to-dem-majority-election-board/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 17:08:53 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Thu, 15 Jun 2023 13:41:49 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=10368000,public
accept-ranges: bytes
platform: hostinger
content-length: 7513
expires: Fri, 13 Oct 2023 17:08:53 GMT

GET
H3 200 2018-12-08T010341Z_1_LYNXMPEEB7026_RTROPTP_4_USA-GOVERNORS-e1686842882377-870x522-390x220.jpg
sham-store.shop/wp-content/uploads/2023/06/ 16 KB
16 KB 203ms
201ms Image
image/jpeg 2a02:4780:b:852:0:ced:64b8:10
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sham-store.shop/wp-content/uploads/2023/06/2018-12-08T010341Z_1_LYNXMPEEB7026_RTROPTP_4_USA-GOVERNORS-e1686842882377-870x522-390x220.jpg

Requested by

Host: sham-store.shop
URL: https://sham-store.shop/nc-lawmakers-seek-to-strip-gov-cooper-of-power-to-appoint-members-to-dem-majority-election-board/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:b:852:0:ced:64b8:10 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

a36afccc13609e3ac7ddfb39aea0bc707109eab31e38aa1ef7b8fbf05023ea46

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sham-store.shop/nc-lawmakers-seek-to-strip-gov-cooper-of-power-to-appoint-members-to-dem-majority-election-board/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 17:08:53 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Thu, 15 Jun 2023 16:00:46 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=10368000,public
accept-ranges: bytes
platform: hostinger
content-length: 16093
expires: Fri, 13 Oct 2023 17:08:53 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
245 B 68ms
18ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-42WJ63WTBL&gtm=45je36c0&_p=579987793&cid=2073141390.1686848933&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ngs=1&_s=1&sid=1686848933&sct=1&seg=0&dl=https%3A%2F%2Fsham-store.shop%2Fnc-lawmakers-seek-to-strip-gov-cooper-of-power-to-appoint-members-to-dem-majority-election-board%2F&dt=NC%20lawmakers%20seek%20to%20strip%20Gov.%20Cooper%20of%20power%20to%20appoint%20members%20to%20Dem-majority%20Election%20Board.%20-%20ShamCompany&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-42WJ63WTBL&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sham-store.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Jun 2023 17:08:53 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://sham-store.shop
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
206 B 44ms
43ms XHR
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j100&aip=1&a=579987793&t=pageview&_s=1&dl=https%3A%2F%2Fsham-store.shop%2Fnc-lawmakers-seek-to-strip-gov-cooper-of-power-to-appoint-members-to-dem-majority-election-board%2F&ul=en-us&de=UTF-8&dt=NC%20lawmakers%20seek%20to%20strip%20Gov.%20Cooper%20of%20power%20to%20appoint%20members%20to%20Dem-majority%20Election%20Board.%20-%20ShamCompany&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDACUABBAAAACAAI~&jid=457676896&gjid=667890282&cid=2073141390.1686848933&tid=UA-256355281-1&_gid=93603213.1686848933&_r=1&gtm=457e36c0&did=dZTNiMT&gdid=dZTNiMT&jsscut=1&z=1813555956

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://sham-store.shop/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 15 Jun 2023 17:08:53 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://sham-store.shop
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
55 B 20ms
19ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-XFTRVMTHCV&gtm=45je36c0&_p=579987793&gdid=dZTNiMT&cid=2073141390.1686848933&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ngs=1&_s=1&sid=1686848933&sct=1&seg=0&dl=https%3A%2F%2Fsham-store.shop%2Fnc-lawmakers-seek-to-strip-gov-cooper-of-power-to-appoint-members-to-dem-majority-election-board%2F&dt=NC%20lawmakers%20seek%20to%20strip%20Gov.%20Cooper%20of%20power%20to%20appoint%20members%20to%20Dem-majority%20Election%20Board.%20-%20ShamCompany&en=page_view&_fv=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-XFTRVMTHCV&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sham-store.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Jun 2023 17:08:53 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://sham-store.shop
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 12 B
384 B 134ms
45ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=sham-store.shop&callback=_gfp_s_&client=ca-pub-9491495309229936

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9491495309229936&plah=sham-store.shop

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sham-store.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 17:08:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
457 B 138ms
48ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=sham-store.shop

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sham-store.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 17:08:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B098 66 KB
17 KB 594ms
582ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9491495309229936&output=html&adk=2969136045&adf=3689892565&lmt=1686844847&plat=4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x945_l&format=0x0&url=https%3A%2F%2Fsham-store.shop%2Fnc-lawmakers-seek-to-strip-gov-cooper-of-power-to-appoint-members-to-dem-majority-election-board%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686848932978&bpp=8&bdt=1239&idt=503&shv=r20230613&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8319186508196&frm=20&pv=2&ga_vid=2073141390.1686848933&ga_sid=1686848934&ga_hid=579987793&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31075067%2C31075307%2C44788442%2C44793499&oid=2&pvsid=2270913567180579&tmod=404543101&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=554

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f998579bfbc306016eb433ccbec58c36d5e7bbc8deca4c6ceb52d875c23d75d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sham-store.shop/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 17381
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 15 Jun 2023 17:08:54 GMT
expires: Thu, 15 Jun 2023 17:08:54 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 BUHPN7SR7VCP7FT6JSGRON Show response
d.adroll.com/consent/check/ 463 B
557 B 134ms
34ms Script
application/javascript 2a05:d018:cc3:fe04:9d37:69dd:1802:43b7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d.adroll.com/consent/check/BUHPN7SR7VCP7FT6JSGRON?pv=6840172240.80038&arrfrr=https%3A%2F%2Fsham-store.shop%2Fnc-lawmakers-seek-to-strip-gov-cooper-of-power-to-appoint-members-to-dem-majority-election-board%2F&_s=3f4c1d96146ce7ea12c5fb83536a2125&_b=2
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/BUHPN7SR7VCP7FT6JSGRON/roundtrip.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d018:cc3:fe04:9d37:69dd:1802:43b7 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.22.1 /
Resource Hash: 7fe4e53c5010f9c6ac80701d7be28febce0dd0f8adbb0df1275f00eec20f3a4b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sham-store.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 17:08:53 GMT
server: nginx/1.22.1
content-length: 463
content-type: application/javascript

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v25/ 30 KB
31 KB 130ms
35ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:600,regular&subset=latin&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://sham-store.shop
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 14:34:09 GMT
x-content-type-options: nosniff
age: 441284
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30928
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 09 Jun 2024 14:34:09 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame BC82 29 KB
12 KB 419ms
418ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9491495309229936&output=html&h=300&slotname=3912869825&adk=3132528263&adf=4266349633&pi=t.ma~as.3912869825&w=300&lmt=1686844847&format=300x300&url=https%3A%2F%2Fsham-store.shop%2Fnc-lawmakers-seek-to-strip-gov-cooper-of-power-to-appoint-members-to-dem-majority-election-board%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686848932986&bpp=1&bdt=1246&idt=615&shv=r20230613&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8319186508196&frm=20&pv=1&ga_vid=2073141390.1686848933&ga_sid=1686848934&ga_hid=579987793&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=456&ady=1084&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31075067%2C31075307%2C44788442%2C44793499&oid=2&pvsid=2270913567180579&tmod=404543101&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=VQnAvnlidG&p=https%3A//sham-store.shop&dtd=624

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b0eca4f6a692e3a64455105f0ab0c20b090afa56987323cef23b3e6f650cd615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sham-store.shop/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 11986
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 15 Jun 2023 17:08:53 GMT
expires: Thu, 15 Jun 2023 17:08:53 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame BC82 0
0 85ms
82ms Fetch
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CqFLjpUWLZJLBKpSuqMwP39ux4AXJntKxXJXJlPdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTk0OTE0OTUzMDkyMjk5MzbIAQmpAvENXVuMMLI-qAMBqgSmAk_QUr2_zPM3ADn9I5B14TXmvWcNRbxJkUg3IldNf6J9gQ5vi_wT-QRuHuC2gQ0Wq47bFsRNSXzIxX_JPfu0ZE3QSgC8hMSHE_sF5E8QoGFpNtru4_hN-XJPYUcgcsyxnoRwqx3M3SdXYzNk_CRdxBm-S9iS7yc9WkFzsQVtVglAmSyEhz4SYxNxrf71Xd_UA142aRI5fLWvV_wtxBeTxi5oGRemagqbGKAcByLzdloToa5BZM_8P9Q3AYAYkpKy_TOBOEbOkiD4l2O04Rz8EpKZvneAQQYCT7qJU7eP_B49pJY1O3ElAQfaSJ7U0REPdggC5E_k-XsktDG806SqZNXo1DgIHga4H002GZbL2bUnWZCdCyz2bl72jhxE81bhQaCRYDI30YAG_cimh-TIuoC7AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgECACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItOTQ5MTQ5NTMwOTIyOTkzNhgA&sigh=Aj98NEfNKCc&uach_m=[UACH]&cid=CAQSGwBygQiDmBdK_GUnJ4i1i6pmu7QKFlLeDhWEfxgB

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9491495309229936&output=html&h=300&slotname=3912869825&adk=3132528263&adf=4266349633&pi=t.ma~as.3912869825&w=300&lmt=1686844847&format=300x300&url=https%3A%2F%2Fsham-store.shop%2Fnc-lawmakers-seek-to-strip-gov-cooper-of-power-to-appoint-members-to-dem-majority-election-board%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686848932986&bpp=1&bdt=1246&idt=615&shv=r20230613&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8319186508196&frm=20&pv=1&ga_vid=2073141390.1686848933&ga_sid=1686848934&ga_hid=579987793&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=456&ady=1084&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31075067%2C31075307%2C44788442%2C44793499&oid=2&pvsid=2270913567180579&tmod=404543101&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=VQnAvnlidG&p=https%3A//sham-store.shop&dtd=624

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9491495309229936&output=html&h=300&slotname=3912869825&adk=3132528263&adf=4266349633&pi=t.ma~as.3912869825&w=300&lmt=1686844847&format=300x300&url=https%3A%2F%2Fsham-store.shop%2Fnc-lawmakers-seek-to-strip-gov-cooper-of-power-to-appoint-members-to-dem-majority-election-board%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686848932986&bpp=1&bdt=1246&idt=615&shv=r20230613&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8319186508196&frm=20&pv=1&ga_vid=2073141390.1686848933&ga_sid=1686848934&ga_hid=579987793&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=456&ady=1084&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31075067%2C31075307%2C44788442%2C44793499&oid=2&pvsid=2270913567180579&tmod=404543101&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=VQnAvnlidG&p=https%3A//sham-store.shop&dtd=624
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 15 Jun 2023 17:08:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 15 Jun 2023 17:08:54 GMT

GET
H2 200 notify
rtb.nl3.eu.criteo.com/google/auction/ Frame BC82 0
0 61ms
18ms Fetch 2a02:2638:3::9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.nl3.eu.criteo.com/google/auction/notify?profile=14&payload=kNulF9vHMKwCrAKdg2ICAgAAAO7vGelWmJH3EKVFi2TJDpDF7FScS9aKAAASAAAKCkFRVURBUUVQQVE&wp=ZItFpQAKoJIDihcUAAxt306hxI4TPtlAkFuUOw

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 17:08:53 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 154730
server: Kestrel
content-length: 0

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 3081 120 KB
42 KB 74ms
41ms Document
text/html 2a02:2638:3::12
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=ZItFpQAKoJIDihcUAAxt306hxI4TPtlAkFuUOw&u=%7CpOyHuc4iCYztbRyRpCllwhGuh4pmA0YZz7E9kg14BpE%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuG02-JTbIw6iQcfCEIzTmgNg2xIeFvE2zkoMxsekyy3vtXJWQ6G1T5bkVzxWKmG_Ar0UZzfRX75JLvNVcAG-pJggGD1T_a3AGmDsDfjlmzdEOWpII0PaKONUMJTNMrks0ubUzhrnzIXYcG74jV5yNNszURFc1H1L4f9USugxwlXUjuKgoZSQNyLPRpksnyA3ZIB567O22q7UR4xs-zBipD9DHW0z6BJGcXR6ii7GWNE_NPSqDr3DLfuonk31P9c8T53XYoGZ6hvPEDYg7wUghUQv7_LgR9m6Q5wrQOayjGd4Ne99iOqnscX4OmmjXPpe2Je97df7bhIclFt1AqKt8FHABHmCGTUeZ-Z49rhi7Hxht7UtfUEZ8QzwUlqMIC97YuzVImOAbwQXjFCIC-N9T8WwqxYMzWry3XtiJHVVXhCqJNA8CilXM9RRUN2ml2PoSExRvZGuUY6MRIhkbAQ1Ce3sInU7hRA0Lnr40jfCZhwMUMsvtbSIxuCjv9YTqv5YO8LgyAabiQdcWTpxgh2f3xYWWF2hCIQ7c514brX27rETujaOFuvExeH9Zf4B9fdrdgmikG93PpBxL9jvyxwKq_M&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC1g2vpUWLZJLBKpSuqMwP39ux4AXJntKxXJXJlPdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTk0OTE0OTUzMDkyMjk5MzbIAQmpAvENXVuMMLI-qAMBqgSpAk_QUr2_zPM3ADn9I5B14TXmvWcNRbxJkUg3IldNf6J9gQ5vi_wT-QRuHuC2gQ0Wq47bFsRNSXzIxX_JPfu0ZE3QSgC8hMSHE_sF5E8QoGFpNtru4_hN-XJPYUcgcsyxnoRwqx3M3SdXYzNk_CRdxBm-S9iS7yc9WkFzsQVtVglAmSyEhz4SYxNxrf71Xd_UA142aRI5fLWvV_wtxBeTxi5oGRemagqbGKAcByLzdloToa5BZM_8P9Q3AYAYkpKy_TOBOEbOkiD4l2O04Rz8EpKZvneAQQYCT7qJU7eP_B49pJY1O3ElAQfaSJ7U0REPdggC5E_k-XsktDG806SqZNWq1hmamYkkDPKqDTUb5BPfUISXvSbYdtxCRiHiAen_bbgUyrYkbixXO4AG_cimh-TIuoC7AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_336cDRBWa3jBiIu3JYe34g8CGzgw%26client%3Dca-pub-9491495309229936%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

14f422a8d5fbd69824d31215501a7555c3d572fca20640d0b0b5afd39debc47a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Thu, 15 Jun 2023 17:08:54 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=5iY2XLtWBcR_kwMkOMjIoMKkGHS_X2JsiBFz3ZRa_KYD0nyYWqoDgBiemeM0DleLLUyqbkljpFFSnI6aaFea4QnL0fBggIyb0UL53pI4ejMDTnN86c3KzaKQSbdduQuAprgLK5jhL0dsVKolaSNZhkLpBptTWCzVfVxMjxYR1zLJKQzLR5BuZV1orAqVyTw92jevMQKKCmNaTUSmwqdQvu64dwJSJwqk5GIATDD9krcRE4R5liTh0s7j8W0"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 14761047
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230613/r20110914/client/ Frame BC82 3 KB
1 KB 133ms
42ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230613/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 15:45:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5030
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 29 Jun 2023 15:45:04 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230613/r20110914/client/ Frame BC82 19 KB
8 KB 128ms
38ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230613/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3521f5e84dbf85e9b7a304002330fbccf347abc9d0a43765a1838336b8a98c0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 15:45:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5030
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8120
x-xss-protection: 0
server: cafe
etag: 8171891181101138299
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 29 Jun 2023 15:45:04 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame BC82 178 KB
56 KB 219ms
100ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e9032b8e95fc74d9ce9c069e76ffe86cb4046dc6ae863ffa8410cf445e5feaf3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 17:08:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57029
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1686742752845198"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 15 Jun 2023 17:08:54 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 3081 2 KB
1 KB 63ms
22ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZItFpQAKoJIDihcUAAxt306hxI4TPtlAkFuUOw&u=%7CpOyHuc4iCYztbRyRpCllwhGuh4pmA0YZz7E9kg14BpE%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuG02-JTbIw6iQcfCEIzTmgNg2xIeFvE2zkoMxsekyy3vtXJWQ6G1T5bkVzxWKmG_Ar0UZzfRX75JLvNVcAG-pJggGD1T_a3AGmDsDfjlmzdEOWpII0PaKONUMJTNMrks0ubUzhrnzIXYcG74jV5yNNszURFc1H1L4f9USugxwlXUjuKgoZSQNyLPRpksnyA3ZIB567O22q7UR4xs-zBipD9DHW0z6BJGcXR6ii7GWNE_NPSqDr3DLfuonk31P9c8T53XYoGZ6hvPEDYg7wUghUQv7_LgR9m6Q5wrQOayjGd4Ne99iOqnscX4OmmjXPpe2Je97df7bhIclFt1AqKt8FHABHmCGTUeZ-Z49rhi7Hxht7UtfUEZ8QzwUlqMIC97YuzVImOAbwQXjFCIC-N9T8WwqxYMzWry3XtiJHVVXhCqJNA8CilXM9RRUN2ml2PoSExRvZGuUY6MRIhkbAQ1Ce3sInU7hRA0Lnr40jfCZhwMUMsvtbSIxuCjv9YTqv5YO8LgyAabiQdcWTpxgh2f3xYWWF2hCIQ7c514brX27rETujaOFuvExeH9Zf4B9fdrdgmikG93PpBxL9jvyxwKq_M&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC1g2vpUWLZJLBKpSuqMwP39ux4AXJntKxXJXJlPdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTk0OTE0OTUzMDkyMjk5MzbIAQmpAvENXVuMMLI-qAMBqgSpAk_QUr2_zPM3ADn9I5B14TXmvWcNRbxJkUg3IldNf6J9gQ5vi_wT-QRuHuC2gQ0Wq47bFsRNSXzIxX_JPfu0ZE3QSgC8hMSHE_sF5E8QoGFpNtru4_hN-XJPYUcgcsyxnoRwqx3M3SdXYzNk_CRdxBm-S9iS7yc9WkFzsQVtVglAmSyEhz4SYxNxrf71Xd_UA142aRI5fLWvV_wtxBeTxi5oGRemagqbGKAcByLzdloToa5BZM_8P9Q3AYAYkpKy_TOBOEbOkiD4l2O04Rz8EpKZvneAQQYCT7qJU7eP_B49pJY1O3ElAQfaSJ7U0REPdggC5E_k-XsktDG806SqZNWq1hmamYkkDPKqDTUb5BPfUISXvSbYdtxCRiHiAen_bbgUyrYkbixXO4AG_cimh-TIuoC7AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_336cDRBWa3jBiIu3JYe34g8CGzgw%26client%3Dca-pub-9491495309229936%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 17:08:54 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 09 Jun 2024 17:08:54 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 3081 2 KB
1 KB 64ms
24ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 17:08:54 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 09 Jun 2024 17:08:54 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 3081 308 B
636 B 64ms
25ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 17:08:54 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Sun, 09 Jun 2024 17:08:54 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 3081 293 B
621 B 65ms
26ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 17:08:54 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Sun, 09 Jun 2024 17:08:54 GMT

GET
H2 200 lg.php
cat.nl3.eu.criteo.com/delivery/ Frame 3081 43 B
348 B 68ms
18ms Image
image/gif 178.250.1.6
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=LSkUDhXgY6lA5DECyWYnWStfwIy_2G9iRIXOxW9tq1r3uzk_BVvnAtb3pPHqFhVZz5Wi5wgX88VWguUmXZF_Ol-2ATsF9l2j0hU6r7H1o3FSLokJC_oKvZ4VryWrr-5_IbyGY--ZZRVe4UZDs3sxaQsLlJMZR5g73xYeIqXGpz5nJYsjBmkW5E4c4FcuEeQLQqswKi847QYCIq-pokIwXuaIrU0xTcMJ4Hflr1HXsrjQUU_fwFGjafGhULIzGw7-1EuDQ8KbfyvNBjz7u2Au-DlZBXG0KT9HkHPUX8odWJ2V-9fuwI2IK-MSTpEc1AXqjlraUOsqAMBOWuRWJTbetn9mzUVQNG9xxeJKmTk2mTS8DZENIY5RmjoWehHDEC9nIdsh_v9spi2tPtAwMvr-xPqa8AF5p_nfzhZVgWDQw-ZrWzxm

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Jun 2023 17:08:53 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2093111
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 3081 12 KB
6 KB 39ms
25ms Script
text/javascript 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 17:08:54 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 09 Jun 2024 17:08:54 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 3081 8 KB
8 KB 76ms
31ms Image
image/png 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?h=244&m=0&partner=105494&q=80&r=0&u=http%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F105494%2F4786912%2F89065f8f3a0e46d18fcfe981f59946ed_cn_logo_1200-300.png&v=3&w=214&s=bj8aISO2kr6_3SH6YP6tk3AB

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

8bd2f225e8c5fbdf97aa14bd83c0696379a9880c50c40c01419b0b7b98c7b3b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 17:08:53 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
content-length: 8175
expires: Sun, 09 Jun 2024 08:39:56 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 3081 126 KB
126 KB 75ms
31ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?m=0&partner=105494&q=80&r=0&u=http%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F105494%2F4786912%2F6bf51e4efe42463ea25696c7c052c2f1_d1049b9c-2a86-4024-89d9-95dcc7a7c8f8.jpg&v=3&s=UBbq3-z-FPJqtJVGQwfIoHwm

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

5e69e1fb4b4787361714b5dc55266ca81cea21d38477dca4644c234529f693dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 17:08:54 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
content-length: 128676
expires: Sun, 09 Jun 2024 08:39:56 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 3081 119 KB
119 KB 82ms
38ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?m=0&partner=105494&q=80&r=0&u=http%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F105494%2F4786912%2Fbcd59f17d6f24de4b50f2fba085f6001_709ff809-3027-4b83-bdca-e25765a6373e.jpg&v=3&s=S7Jfh-dldz1cNwJzSKh9Ey4m

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

2d797b34b35d45deef339a2e78faa48adf95eac4044f33afd6eff023d6fd0980

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 17:08:54 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
content-length: 121630
expires: Sun, 09 Jun 2024 08:39:56 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 3081 75 KB
75 KB 110ms
66ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?m=0&partner=105494&q=80&r=0&u=http%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F105494%2F4786912%2F099d381327294c5bb44a70dc7909fec1_kv_1200-628-kv.jpg&v=3&s=7hBIxm4DstdpBQYLWqSVf1Eo

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

323f73ff43ba79d50ea91b5b95e444441f0b76db8577823c0d636550e003a39f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 17:08:54 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
content-length: 76868
expires: Sun, 09 Jun 2024 08:39:56 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 3081 108 KB
109 KB 132ms
88ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?m=0&partner=105494&q=80&r=0&u=http%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F105494%2F4786912%2Fcbf2601d44d24f30ac46fcbaa3dedf4a_0f2636ae-da00-4003-ad01-83198117e249.jpg&v=3&s=sUtE5XdnuXTUgIP0YWp-uhUy

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

7a5fc3189c0e62a350875d4b2fd0789eee28530a647ca87315a63fb6264c6a80

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 17:08:53 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
content-length: 110866
expires: Sun, 09 Jun 2024 08:39:56 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 3081 0
128 B 45ms
14ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=5iY2XLtWBcR_kwMkOMjIoMKkGHS_X2JsiBFz3ZRa_KYD0nyYWqoDgBiemeM0DleLLUyqbkljpFFSnI6aaFea4QnL0fBggIyb0UL53pI4ejMDTnN86c3KzaKQSbdduQuAprgLK5jhL0dsVKolaSNZhkLpBptTWCzVfVxMjxYR1zLJKQzLR5BuZV1orAqVyTw92jevMQKKCmNaTUSmwqdQvu64dwJSJwqk5GIATDD9krcRE4R5liTh0s7j8W0&sds=2&rev=87007&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 15 Jun 2023 17:08:53 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 3081 2 KB
1 KB 18ms
17ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 17:08:54 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 09 Jun 2024 17:08:54 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 3081 2 KB
1 KB 17ms
16ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 17:08:54 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 09 Jun 2024 17:08:54 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306080101/ 152 KB
52 KB 92ms
92ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306080101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

de31bce51f49c0fffa7d7dfbb664955b6d2ace47949b91746cceaeab3716e1bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sham-store.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 17:08:54 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52897
x-xss-protection: 0
server: cafe
etag: 17741262544133070564
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 15 Jun 2023 17:08:54 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
166 B 48ms
46ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=sham-store.shop

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sham-store.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 17:08:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A517 32 KB
14 KB 268ms
266ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9491495309229936&output=html&h=280&adk=2781885241&adf=1138032768&pi=t.aa~a.2021211784~i.5~rp.4&w=720&fwrn=4&fwrnh=100&lmt=1686844847&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6110872385&ad_type=text_image&format=720x280&url=https%3A%2F%2Fsham-store.shop%2Fnc-lawmakers-seek-to-strip-gov-cooper-of-power-to-appoint-members-to-dem-majority-election-board%2F&fwr=0&pra=3&rh=180&rw=720&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686848934310&bpp=2&bdt=2571&idt=-M&shv=r20230613&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x300&nras=2&correlator=8319186508196&frm=20&pv=1&ga_vid=2073141390.1686848933&ga_sid=1686848934&ga_hid=579987793&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=246&ady=1769&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31075067%2C31075307%2C44788442%2C44793499&oid=2&pvsid=2270913567180579&tmod=404543101&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=Qp4WrJN3vU&p=https%3A//sham-store.shop&dtd=12

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bd10e0814d028f40f72a03ff14bd45935f6f4927aa43deadf95016d7d0baeb5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sham-store.shop/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 13843
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 15 Jun 2023 17:08:54 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 46CA 36 KB
15 KB 567ms
566ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9491495309229936&output=html&h=280&adk=2781885241&adf=2830067344&pi=t.aa~a.2021211784~i.13~rp.4&w=720&fwrn=4&fwrnh=100&lmt=1686844847&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6110872385&ad_type=text_image&format=720x280&url=https%3A%2F%2Fsham-store.shop%2Fnc-lawmakers-seek-to-strip-gov-cooper-of-power-to-appoint-members-to-dem-majority-election-board%2F&fwr=0&pra=3&rh=180&rw=720&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686848934310&bpp=1&bdt=2571&idt=1&shv=r20230613&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x300%2C720x280&nras=3&correlator=8319186508196&frm=20&pv=1&ga_vid=2073141390.1686848933&ga_sid=1686848934&ga_hid=579987793&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=246&ady=2428&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31075067%2C31075307%2C44788442%2C44793499&oid=2&pvsid=2270913567180579&tmod=404543101&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=ODk5yg2G6Q&p=https%3A//sham-store.shop&dtd=21

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

153be3e1b5701ba448c68f42ac2706b4a07dd13577f72672dc64cf050c9a7018

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sham-store.shop/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 15364
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 15 Jun 2023 17:08:54 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5A02 42 KB
15 KB 450ms
449ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9491495309229936&output=html&h=280&adk=3384979410&adf=4113124724&pi=t.aa~a.977465027~rp.4&w=370&fwrn=4&fwrnh=100&lmt=1686844847&rafmt=1&to=qs&pwprc=6110872385&format=370x280&url=https%3A%2F%2Fsham-store.shop%2Fnc-lawmakers-seek-to-strip-gov-cooper-of-power-to-appoint-members-to-dem-majority-election-board%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686848934373&bpp=1&bdt=2633&idt=-M&shv=r20230613&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x300%2C720x280%2C720x280&nras=4&correlator=8319186508196&frm=20&pv=1&ga_vid=2073141390.1686848933&ga_sid=1686848934&ga_hid=579987793&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1015&ady=1764&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31075067%2C31075307%2C44788442%2C44793499&oid=2&pvsid=2270913567180579&tmod=404543101&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=274Evdaf5G&p=https%3A//sham-store.shop&dtd=53

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3547ea71b0ee87f6ea222ae5f37bb9c21b78dedc3568dba126f46448b82396fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sham-store.shop/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 15076
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 15 Jun 2023 17:08:54 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D63A 39 KB
14 KB 427ms
416ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9491495309229936&output=html&h=280&adk=3384979410&adf=1761866724&pi=t.aa~a.1794496191~rp.4&w=370&fwrn=4&fwrnh=100&lmt=1686844847&rafmt=1&to=qs&pwprc=6110872385&format=370x280&url=https%3A%2F%2Fsham-store.shop%2Fnc-lawmakers-seek-to-strip-gov-cooper-of-power-to-appoint-members-to-dem-majority-election-board%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686848934373&bpp=2&bdt=2633&idt=2&shv=r20230613&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x300%2C720x280%2C720x280%2C370x280&nras=5&correlator=8319186508196&frm=20&pv=1&ga_vid=2073141390.1686848933&ga_sid=1686848934&ga_hid=579987793&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1015&ady=2830&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31075067%2C31075307%2C44788442%2C44793499&oid=2&pvsid=2270913567180579&tmod=404543101&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=QyQWQ5FHFg&p=https%3A//sham-store.shop&dtd=62

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bec5a1d1475fce5ac5ac2af78d6a3c285f88034f7f56a83570c8fdd6d8c162fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sham-store.shop/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 14641
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 15 Jun 2023 17:08:54 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame BC82 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 33f8a5e6aecd055295a2372d62720640c27eb6b8eaefd01daf2518a5fea566aa

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230613/r20110914/client/ Frame A517 3 KB
1 KB 105ms
65ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230613/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9491495309229936&output=html&h=280&adk=2781885241&adf=1138032768&pi=t.aa~a.2021211784~i.5~rp.4&w=720&fwrn=4&fwrnh=100&lmt=1686844847&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6110872385&ad_type=text_image&format=720x280&url=https%3A%2F%2Fsham-store.shop%2Fnc-lawmakers-seek-to-strip-gov-cooper-of-power-to-appoint-members-to-dem-majority-election-board%2F&fwr=0&pra=3&rh=180&rw=720&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686848934310&bpp=2&bdt=2571&idt=-M&shv=r20230613&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x300&nras=2&correlator=8319186508196&frm=20&pv=1&ga_vid=2073141390.1686848933&ga_sid=1686848934&ga_hid=579987793&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=246&ady=1769&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31075067%2C31075307%2C44788442%2C44793499&oid=2&pvsid=2270913567180579&tmod=404543101&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=Qp4WrJN3vU&p=https%3A//sham-store.shop&dtd=12

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 15:45:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5030
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 29 Jun 2023 15:45:04 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230613/r20110914/client/ Frame A517 19 KB
8 KB 91ms
51ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230613/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3521f5e84dbf85e9b7a304002330fbccf347abc9d0a43765a1838336b8a98c0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 15:45:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5030
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8120
x-xss-protection: 0
server: cafe
etag: 8171891181101138299
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 29 Jun 2023 15:45:04 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame A517 0
0 157ms
48ms Image
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTEuRhom0NO-8BGRmVtboHJhAjG9Hb63iOs7G-Ss8F7OyTwqQA1uKL8rDs4CZmds1Jt5OkML8OXcPAOn2iFHRd05lSM2Q
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9491495309229936&output=html&h=280&adk=2781885241&adf=1138032768&pi=t.aa~a.2021211784~i.5~rp.4&w=720&fwrn=4&fwrnh=100&lmt=1686844847&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6110872385&ad_type=text_image&format=720x280&url=https%3A%2F%2Fsham-store.shop%2Fnc-lawmakers-seek-to-strip-gov-cooper-of-power-to-appoint-members-to-dem-majority-election-board%2F&fwr=0&pra=3&rh=180&rw=720&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686848934310&bpp=2&bdt=2571&idt=-M&shv=r20230613&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x300&nras=2&correlator=8319186508196&frm=20&pv=1&ga_vid=2073141390.1686848933&ga_sid=1686848934&ga_hid=579987793&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=246&ady=1769&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31075067%2C31075307%2C44788442%2C44793499&oid=2&pvsid=2270913567180579&tmod=404543101&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=Qp4WrJN3vU&p=https%3A//sham-store.shop&dtd=12
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A517 178 KB
56 KB 109ms
101ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e9032b8e95fc74d9ce9c069e76ffe86cb4046dc6ae863ffa8410cf445e5feaf3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 17:08:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57029
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1686742752845198"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 15 Jun 2023 17:08:54 GMT

POST
H3 204 ping
pagead2.googlesyndication.com/pagead/ 0
0 121ms
100ms Fetch
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9491495309229936&plah=sham-store.shop
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://sham-store.shop/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 87ms
72ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=sham-store.shop

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sham-store.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 17:08:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230613/r20110914/ Frame 3A10 10 KB
4 KB 54ms
51ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230613/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sham-store.shop/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 3569
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4540
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 15 Jun 2023 16:09:25 GMT
etag: 15057649708203361565
expires: Thu, 29 Jun 2023 16:09:25 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame A517 0
0 83ms
78ms Fetch
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CvFm0pkWLZJ6kFvmA1fAP68yW0A7JntKxXPWR3r6xAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi05NDkxNDk1MzA5MjI5OTM2yAEJqQKukW5srEmyPqgDAaoEygJP0MAsqw4INKDI2-E2iKIvEl2M-eRrxlaZw6fj8zKHyv-FHQxUtsoHmOAT6TslAod3QBWnjMEp5Yqfm5oEp5dHNza3ZX4vNr-eCzf66FMK0NWxafZFdI0_yuJ9oOGXiwl0pTaQk60zGcR1qBguc_m3gvtT_VsnXbCjq4TI5tWP2i2Orc1IZ-WGewxUOWHmDoClZGat7LvJ2Txzr2kds44ZxnBop_qIntq8wRfP_RYGJ79CXI3B224MER8pUBaLIy9yH0HRI4GIr5HEz4NJvi0ZUTqgHq_8FIL_-ALf1kVFmxMRWe2EG7tl7byYsZzaGjv_AKL8aH0Vt3ajd6gRz2OOn0WMx0hT0HymoNfiCFcD5KKIMyBPOdbqd4fvGK2UR9taR5P9hvuGIc17gHTNdnvl4ahQAAEnkc5kDacKjvwcVfItW9BjDvtnGxOABv3IpofkyLqAuwGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBAgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTk0OTE0OTUzMDkyMjk5MzYYAA&sigh=cv7B9ciP7oI&uach_m=[UACH]&cid=CAQSKQBygQiDmlmX958JujXi-wkigLbV7HnsqEbf8iRTuHcFPW5a-FGxXk4NGAE

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9491495309229936&output=html&h=280&adk=2781885241&adf=1138032768&pi=t.aa~a.2021211784~i.5~rp.4&w=720&fwrn=4&fwrnh=100&lmt=1686844847&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6110872385&ad_type=text_image&format=720x280&url=https%3A%2F%2Fsham-store.shop%2Fnc-lawmakers-seek-to-strip-gov-cooper-of-power-to-appoint-members-to-dem-majority-election-board%2F&fwr=0&pra=3&rh=180&rw=720&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686848934310&bpp=2&bdt=2571&idt=-M&shv=r20230613&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x300&nras=2&correlator=8319186508196&frm=20&pv=1&ga_vid=2073141390.1686848933&ga_sid=1686848934&ga_hid=579987793&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=246&ady=1769&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31075067%2C31075307%2C44788442%2C44793499&oid=2&pvsid=2270913567180579&tmod=404543101&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=Qp4WrJN3vU&p=https%3A//sham-store.shop&dtd=12
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 15 Jun 2023 17:08:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 notify
rtb.fr3.eu.criteo.com/google/auction/ Frame A517 0
0 91ms
16ms Fetch 2a02:2638:d::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.fr3.eu.criteo.com/google/auction/notify?profile=14&payload=kNulF8z6RNAFmAKdg2ICAgAAAOZNsAEIyQQMEKVFi2SviAPuZdqVQi16AAASAAAKCkFRVUREd0VQRHc&wp=ZItFpgAFkh4IFUB5AAWma9jxyQMlUq4uS6-HPQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 17:08:54 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 181149
server: Kestrel
content-length: 0

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame D636 125 KB
44 KB 49ms
42ms Document
text/html 2a02:2638:3::12
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=ZItFpgAFkh4IFUB5AAWma9jxyQMlUq4uS6-HPQ&u=%7CCasp2cPCKnbE%2BySXCQ1Y12pYFJwgBkwyIaGElJ5HU%2F0%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC86yRqsQsL7Z8yozuPOp1T6J4tR9U6u_MOyamnthb2crK4OfPz7X2n4nd6xwzVxfkNM5PrG-JdWHxB0-HPypednthigxFwUfNZzPXAX5_E_GFHz6cYgPhP_k9gbJKLr6RpbGORKrrg_5jyMK09Y58mhaEV06INSZlRJ4LuYj_jbZMExIB8MHiVS4_bT3lntZcE0I1Hq26xeTH9l8Q8np0VlGXHWgr_np4LWba211bSXgs7Jn4CI1bad9yxTL8yRrwsuM4zVB0SS56ZEKsSdkpY1A8odqtzdmTlEg0ONoEoF6JHzM2nCVjoPr0aU7ogX47xCpeKVBPX7UPZ9_RQ_u404g7nwL5XE8QsqtQ9-8TOswl-2_TEb_O6GhHl_EFy4xYacA8IZxABGjvIhxhJoVw5bBK05YIY-H0Pab0K8z9mTor_-ddXGoilHTBvV4vkeRZcmyfi13QntIpawgAcWWIXA5v5mkNs0QjWTMFc0GQ6Vu5p0FHhVHasqwcgWJ7ZVxBOHm6yck-w_ecDG0jX7jUT8Ofk6CYXbHBSUwBWuA6pzwCawgDNT9dAjzk&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9XBSpkWLZJ6kFvmA1fAP68yW0A7JntKxXPWR3r6xAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi05NDkxNDk1MzA5MjI5OTM2yAEJqQKukW5srEmyPqgDAaoEzQJP0MAsqw4INKDI2-E2iKIvEl2M-eRrxlaZw6fj8zKHyv-FHQxUtsoHmOAT6TslAod3QBWnjMEp5Yqfm5oEp5dHNza3ZX4vNr-eCzf66FMK0NWxafZFdI0_yuJ9oOGXiwl0pTaQk60zGcR1qBguc_m3gvtT_VsnXbCjq4TI5tWP2i2Orc1IZ-WGewxUOWHmDoClZGat7LvJ2Txzr2kds44ZxnBop_qIntq8wRfP_RYGJ79CXI3B224MER8pUBaLIy9yH0HRI4GIr5HEz4NJvi0ZUTqgHq_8FIL_-ALf1kVFmxMRWe2EG7tl7byYsZzaGjv_AKL8aH0Vt3ajd6gRz2OOn0WMx0hT0HymoNfiCFcD5KKIMyBPOdbqd4fvGK2UR9taR5P9xPmns0r0HGdy6m9GMZX2-Agzm3huI7-IOjQh8wCSRfx7i1HjCKzddr2ABv3IpofkyLqAuwGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3wzYbUz4WrZa6JMBPIf44gRz87rA%26client%3Dca-pub-9491495309229936%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

1e6974b9aee2f647c725d559b2522137aa6da698c4df2af0b4660ccfd1c2aabe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Thu, 15 Jun 2023 17:08:54 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=QsC5l7tWBcR_kwMkL_PNIz_5oC0Yc0V2t5HCHFok9sPngcnx-AvFRhlcGTrUOSLt7W3oeqhFsT1emFR3GMoiuPFe1juvJWZE_njz7Te4yx2Z9MuD_IA2Wg22ghuswXxmEliwdvjc_3opfPnWUsr_OA3orj6CN0H804HwNO2yaMnY3KgZ_1YzQ2M_yhiCKMXNcqAgb4atNqFK8AkIlD5-tMElfTDcr0UoE_RqHcJliWSdK9PwBZ836vvr9HFWuc0TTb1n5Q"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 17283713
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 2FCF 1 KB
643 B 49ms
47ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 13682
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 15 Jun 2023 13:20:52 GMT
etag: 48472445140208031
expires: Fri, 16 Jun 2023 13:20:52 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame D636 2 KB
1 KB 20ms
19ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZItFpgAFkh4IFUB5AAWma9jxyQMlUq4uS6-HPQ&u=%7CCasp2cPCKnbE%2BySXCQ1Y12pYFJwgBkwyIaGElJ5HU%2F0%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC86yRqsQsL7Z8yozuPOp1T6J4tR9U6u_MOyamnthb2crK4OfPz7X2n4nd6xwzVxfkNM5PrG-JdWHxB0-HPypednthigxFwUfNZzPXAX5_E_GFHz6cYgPhP_k9gbJKLr6RpbGORKrrg_5jyMK09Y58mhaEV06INSZlRJ4LuYj_jbZMExIB8MHiVS4_bT3lntZcE0I1Hq26xeTH9l8Q8np0VlGXHWgr_np4LWba211bSXgs7Jn4CI1bad9yxTL8yRrwsuM4zVB0SS56ZEKsSdkpY1A8odqtzdmTlEg0ONoEoF6JHzM2nCVjoPr0aU7ogX47xCpeKVBPX7UPZ9_RQ_u404g7nwL5XE8QsqtQ9-8TOswl-2_TEb_O6GhHl_EFy4xYacA8IZxABGjvIhxhJoVw5bBK05YIY-H0Pab0K8z9mTor_-ddXGoilHTBvV4vkeRZcmyfi13QntIpawgAcWWIXA5v5mkNs0QjWTMFc0GQ6Vu5p0FHhVHasqwcgWJ7ZVxBOHm6yck-w_ecDG0jX7jUT8Ofk6CYXbHBSUwBWuA6pzwCawgDNT9dAjzk&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9XBSpkWLZJ6kFvmA1fAP68yW0A7JntKxXPWR3r6xAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi05NDkxNDk1MzA5MjI5OTM2yAEJqQKukW5srEmyPqgDAaoEzQJP0MAsqw4INKDI2-E2iKIvEl2M-eRrxlaZw6fj8zKHyv-FHQxUtsoHmOAT6TslAod3QBWnjMEp5Yqfm5oEp5dHNza3ZX4vNr-eCzf66FMK0NWxafZFdI0_yuJ9oOGXiwl0pTaQk60zGcR1qBguc_m3gvtT_VsnXbCjq4TI5tWP2i2Orc1IZ-WGewxUOWHmDoClZGat7LvJ2Txzr2kds44ZxnBop_qIntq8wRfP_RYGJ79CXI3B224MER8pUBaLIy9yH0HRI4GIr5HEz4NJvi0ZUTqgHq_8FIL_-ALf1kVFmxMRWe2EG7tl7byYsZzaGjv_AKL8aH0Vt3ajd6gRz2OOn0WMx0hT0HymoNfiCFcD5KKIMyBPOdbqd4fvGK2UR9taR5P9xPmns0r0HGdy6m9GMZX2-Agzm3huI7-IOjQh8wCSRfx7i1HjCKzddr2ABv3IpofkyLqAuwGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3wzYbUz4WrZa6JMBPIf44gRz87rA%26client%3Dca-pub-9491495309229936%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 17:08:54 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 09 Jun 2024 17:08:54 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame D636 2 KB
1 KB 18ms
17ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 17:08:54 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 09 Jun 2024 17:08:54 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame D636 308 B
636 B 28ms
20ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 17:08:54 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Sun, 09 Jun 2024 17:08:54 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame D636 293 B
621 B 26ms
19ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 17:08:54 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Sun, 09 Jun 2024 17:08:54 GMT

GET
H2 200 lg.php
cat.nl3.eu.criteo.com/delivery/ Frame D636 43 B
347 B 25ms
18ms Image
image/gif 178.250.1.6
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=QjfBjPqs5BdAhc9p5G3eWvIuGDN-6qmXlKcljL4X8I0loBemTNBwiuHEnqx9hRSCTUjvrFGRHkmg6HihRUddZtRyGSfD1mxFp6NkT_APCJ6_jjrtzOT-J5_U0WRhIZTr3vhnxXIWiTbFhnbULV3L6CxKueTY6t3BFEp4TOO8U1IDBSxCPha1q2bbTYykMK6rkXvIKA3wwDOHT1ojIXlDJ5isdnGmJmltipIsNwBq2z2FAR6f9Fc8IDD8J4na_CkcrTD1CpUoXdQtnAw8ESwvtGm3QLyQCCHu7oybElK9wELWsjtIUJ4huK-rRITyEfofubL6GSfJ_Fmfxfxr6vflsja5HaGE4QOfPPIt7BjH_6zvc3pmUNcpG762RlW8bvk5_rsDwmz26EoOTP0JldvGMQrbJ6lG72_LQvHw9oCyLTJKStQ_Bso2TIP2swi4f59x9L8w-w

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Jun 2023 17:08:54 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1939010
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 3A10 0
0 82ms
82ms Fetch
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CWa4mpUWLZO-aJ9qTo9kPi4a3kAHJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTk0OTE0OTUzMDkyMjk5MzbIAQmpAvENXVuMMLI-qAMBqgShAk_QLPVbBi435W6xbEyTN81_5_oFWeGlSijoNjdYyd3hLDfL0xyRJeqnQtx5ceps4Rv--6MvT3XfgkFey2jG0klSlTiQn3x4vr1aGR2qVRNsD31RYmGEABWPgBp3slFSJA4LrKWTTczn66JbOqp0-naz1qrcHP15nRpRUP9jEdp9gFcGOMLhdNKAqOc6wimSW2q7GLqatnPqeB_x8eIxXFyG4FH1er-HYNC4x3hnB9gponhOaUfsx4Lex_q7Mgk_g_HZ3__sgTQzEfSbmUdAFVThaJhRkrtqLXhKXqvqbK5Jjfe_4mjtCDTiXzGg_Agbi-inFuRV_JYBj5RYwfpn_skmKuNfi2lJS3PsfF3920QzdxMd4EVodp3B7AV-K-Xq2b2ABv3IpofkyLqAuwGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBAgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTk0OTE0OTUzMDkyMjk5MzYYAA&sigh=E-NvVvZ2prA&uach_m=[UACH]&cid=CAQSGwBygQiDCSWZShWkFLWjIIcnPHBFooGGRveO7hgB

Requested by

Host: sham-store.shop
URL: https://sham-store.shop/nc-lawmakers-seek-to-strip-gov-cooper-of-power-to-appoint-members-to-dem-majority-election-board/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230613/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 15 Jun 2023 17:08:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 notify
rtb.nl3.eu.criteo.com/google/auction/ Frame 3A10 0
0 98ms
98ms Fetch 2a02:2638:3::9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.nl3.eu.criteo.com/google/auction/notify?profile=14&payload=kNulF8z6RO0HfJ2DYgICAAAA5k2wAQjJBAwQpUWLZBZA1i2-oNISS78AABIAAAoKQVFVQkFRRUJBUQ&wp=ZItFpQAJzW8FKMnaAA3DC28Ir-r4kJpu-qp6Kg

Requested by

Host: sham-store.shop
URL: https://sham-store.shop/nc-lawmakers-seek-to-strip-gov-cooper-of-power-to-appoint-members-to-dem-majority-election-board/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 17:08:54 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 201068
server: Kestrel
content-length: 0

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame BEF6 104 KB
39 KB 38ms
28ms Document
text/html 2a02:2638:3::12
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=ZItFpQAJzW8FKMnaAA3DC28Ir-r4kJpu-qp6Kg&u=%7CpOyHuc4iCYwkz5FhlF3q8iYBehTxVbIDj1%2FuQvpsk9s%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC86yRqsQsL7Z8ylK3oQt3W75db2RniAfsema07Cw_YSiW0zQHu58KEabXbgTJuEefw8Y5HuMqWXo4gZOVn_fIxYh4CbFJ5hN5RXfYPfjtk0pOoi7PqnUTmQFzxhHqYFuuoxLHl0NVn5_TUE_F7hxP4sKJZvWrd5QWyCKc-b5av8Hp4XTI3Nrp12E0HUiBZQHHSl55po4AGhUERYo9M_l0yT471w_eLKGXtvVt7dypNtywA1WhsqUU4htp7b9lS2K3oPaIKoEGqhaohTTAE3ScElvKdflZ4r46zZwrhm39d5uepquwoit2Jl8dx7RHbvETZ3uoxiQSeCXLqqOGVHXJlVcG3bA8zqQHhxLK6MPu83VYWdCGVawyjNTLBvB17wUfRCIQL8nJYvoHOPodTyY-BktRiG8s41M0r9Xoad4cRD_gqdutB6WW5XypDzWnbSfF5pwVi3NGwS9iWeQPOv8_y--nZodKoBxrP-e-T9rSQvIRj46LR3u7OImVyqH4t4Uca4PpQw-HwBKFroyQ-HJBj7_20neygc4sUdud5T4zDb5r9&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNmxvpUWLZO-aJ9qTo9kPi4a3kAHJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTk0OTE0OTUzMDkyMjk5MzbIAQmpAvENXVuMMLI-qAMBqgSkAk_QLPVbBi435W6xbEyTN81_5_oFWeGlSijoNjdYyd3hLDfL0xyRJeqnQtx5ceps4Rv--6MvT3XfgkFey2jG0klSlTiQn3x4vr1aGR2qVRNsD31RYmGEABWPgBp3slFSJA4LrKWTTczn66JbOqp0-naz1qrcHP15nRpRUP9jEdp9gFcGOMLhdNKAqOc6wimSW2q7GLqatnPqeB_x8eIxXFyG4FH1er-HYNC4x3hnB9gponhOaUfsx4Lex_q7Mgk_g_HZ3__sgTQzEfSbmUdAFVThaJhRkrtqLXhKXqvqbK5Jjfe_4mjtCDTiXzGg_Agbi-inFuRV_JYBj5RYg_hGbE6ptvDgF33qm05KhFTp0fI5WQufVI1V0G9-8ilmrk9uygKBOnGABv3IpofkyLqAuwGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1rMf0iNCmsD3eImawBVGy03ZSWog%26client%3Dca-pub-9491495309229936%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230613/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

2ff0fe95eeed4c8c492470a335e5159a88cb2a9cac91cc81d3e1d74eb11997fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Thu, 15 Jun 2023 17:08:53 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=lmn28btWBcR_kwMkwqo4UcR7t2rGymKYe0Wue1F-Zr2I-LbuXbC5a0XUaOihsSJtH75dEYMV_YHnSSH1Gqo6Nvyo8p7XwheG5knSgZFb1zdkvvZvO9hCkusiL2HEk7JTixFfslGZ4nJw4Fj5VBpwrHRifJzx16BEuYm4ZICuiXPNVaFsuKAUiQ8K7MXyVvJUd-WjPHlkfvmDNuYLHggP_rMdfagoFDu1r0iXS_nQjdDEy2XGbrf0qo-bjpVUU6fMfdxLRA"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 12000959
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230613/r20110914/client/ Frame 3A10 3 KB
1 KB 44ms
41ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230613/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230613/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 15:45:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5030
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 29 Jun 2023 15:45:04 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230613/r20110914/client/ Frame 3A10 19 KB
8 KB 45ms
41ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230613/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230613/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3521f5e84dbf85e9b7a304002330fbccf347abc9d0a43765a1838336b8a98c0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 15:45:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5030
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8120
x-xss-protection: 0
server: cafe
etag: 8171891181101138299
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 29 Jun 2023 15:45:04 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3A10 178 KB
56 KB 89ms
83ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230613/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e9032b8e95fc74d9ce9c069e76ffe86cb4046dc6ae863ffa8410cf445e5feaf3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 17:08:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57029
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1686742752845198"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 15 Jun 2023 17:08:54 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame D636 12 KB
6 KB 21ms
19ms Script
text/javascript 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 17:08:54 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 09 Jun 2024 17:08:54 GMT

GET
DATA 200
OK truncated
/ Frame A517 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 49d663380322efe2f5d664ef0626a079b2c99e846bd245862c7cec4fbeb150a2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame D636 11 KB
11 KB 27ms
26ms Image
image/png 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?h=476&m=0&partner=105494&q=80&r=0&u=http%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F105494%2F4786914%2Fcb93e28f73744ff887ecc6ed2ea189d7_en_logo_1200-300.png&v=3&w=308&s=bvvltW4rQ16D8jsV9wpiLt0W

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

2af0c5e150b151b4e24db10de46e51ab10e749b7ab4205b097f439db04714e2d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 17:08:54 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
content-length: 11119
expires: Sun, 09 Jun 2024 08:37:09 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame D636 210 KB
210 KB 32ms
31ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?m=0&partner=105494&q=80&r=0&u=http%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F105494%2F4786914%2Fd241ebea9e9c4d5d8106b2562dab47b0_069c0164-63ff-42bd-8603-98910e8699e3.jpg&v=3&s=mQ6DRvkJEIREiEt2RUNv4gr-

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

26e0a4940a7118f9446572007b9ee9ad23d287e158067a252b5e27e702f69772

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 17:08:54 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
content-length: 215074
expires: Sun, 09 Jun 2024 08:40:34 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame D636 199 KB
199 KB 42ms
42ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?m=0&partner=105494&q=80&r=0&u=http%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F105494%2F4786914%2F00ac83a8e448497f8c99141e421a4e43_0f1d99c9-1cc0-408d-99bf-b9dda4f8154a.jpg&v=3&s=PElBX4Zn90pwV3mzfqC0mOTb

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e794207b2db3baaa427ab4ef9c2a7a4bedce491a6d0edf11f3dbe91fdfea2536

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 17:08:54 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
content-length: 203700
expires: Sun, 09 Jun 2024 08:41:00 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame D636 96 KB
96 KB 50ms
49ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?m=0&partner=105494&q=80&r=0&u=http%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F105494%2F4786914%2Fa7bf6d3720ee4d9da14a14453b0fe628_kv_1200-1200-kv.jpg&v=3&s=srflxxopPux_QhK9XDEb-Avc

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

064cf7614522d49cc2c991efde6827b907e347e54cb74fd08b7480803fced02d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 17:08:54 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
content-length: 97864
expires: Sun, 09 Jun 2024 08:41:00 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame D636 147 KB
148 KB 41ms
40ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?m=0&partner=105494&q=80&r=0&u=http%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F105494%2F4786914%2F37eeef3a11604777b017cfc7b704518a_3973cc79-fd3a-4f6a-bb12-d284f62e6b28.jpg&v=3&s=h2O8u5MqsGgndiJKNMvq0C_1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

a71a6209be03d59358c3f459c15ab3dfb186812f12ee077cd621933a96400598

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 17:08:54 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
content-length: 150838
expires: Sun, 09 Jun 2024 08:41:00 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame D636 0
127 B 14ms
14ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=QsC5l7tWBcR_kwMkL_PNIz_5oC0Yc0V2t5HCHFok9sPngcnx-AvFRhlcGTrUOSLt7W3oeqhFsT1emFR3GMoiuPFe1juvJWZE_njz7Te4yx2Z9MuD_IA2Wg22ghuswXxmEliwdvjc_3opfPnWUsr_OA3orj6CN0H804HwNO2yaMnY3KgZ_1YzQ2M_yhiCKMXNcqAgb4atNqFK8AkIlD5-tMElfTDcr0UoE_RqHcJliWSdK9PwBZ836vvr9HFWuc0TTb1n5Q&sds=2&rev=87007&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 15 Jun 2023 17:08:54 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame D636 2 KB
1 KB 29ms
29ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 17:08:55 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 09 Jun 2024 17:08:55 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame D636 2 KB
1 KB 28ms
28ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 17:08:55 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 09 Jun 2024 17:08:55 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame BEF6 2 KB
1 KB 21ms
16ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZItFpQAJzW8FKMnaAA3DC28Ir-r4kJpu-qp6Kg&u=%7CpOyHuc4iCYwkz5FhlF3q8iYBehTxVbIDj1%2FuQvpsk9s%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC86yRqsQsL7Z8ylK3oQt3W75db2RniAfsema07Cw_YSiW0zQHu58KEabXbgTJuEefw8Y5HuMqWXo4gZOVn_fIxYh4CbFJ5hN5RXfYPfjtk0pOoi7PqnUTmQFzxhHqYFuuoxLHl0NVn5_TUE_F7hxP4sKJZvWrd5QWyCKc-b5av8Hp4XTI3Nrp12E0HUiBZQHHSl55po4AGhUERYo9M_l0yT471w_eLKGXtvVt7dypNtywA1WhsqUU4htp7b9lS2K3oPaIKoEGqhaohTTAE3ScElvKdflZ4r46zZwrhm39d5uepquwoit2Jl8dx7RHbvETZ3uoxiQSeCXLqqOGVHXJlVcG3bA8zqQHhxLK6MPu83VYWdCGVawyjNTLBvB17wUfRCIQL8nJYvoHOPodTyY-BktRiG8s41M0r9Xoad4cRD_gqdutB6WW5XypDzWnbSfF5pwVi3NGwS9iWeQPOv8_y--nZodKoBxrP-e-T9rSQvIRj46LR3u7OImVyqH4t4Uca4PpQw-HwBKFroyQ-HJBj7_20neygc4sUdud5T4zDb5r9&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNmxvpUWLZO-aJ9qTo9kPi4a3kAHJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTk0OTE0OTUzMDkyMjk5MzbIAQmpAvENXVuMMLI-qAMBqgSkAk_QLPVbBi435W6xbEyTN81_5_oFWeGlSijoNjdYyd3hLDfL0xyRJeqnQtx5ceps4Rv--6MvT3XfgkFey2jG0klSlTiQn3x4vr1aGR2qVRNsD31RYmGEABWPgBp3slFSJA4LrKWTTczn66JbOqp0-naz1qrcHP15nRpRUP9jEdp9gFcGOMLhdNKAqOc6wimSW2q7GLqatnPqeB_x8eIxXFyG4FH1er-HYNC4x3hnB9gponhOaUfsx4Lex_q7Mgk_g_HZ3__sgTQzEfSbmUdAFVThaJhRkrtqLXhKXqvqbK5Jjfe_4mjtCDTiXzGg_Agbi-inFuRV_JYBj5RYg_hGbE6ptvDgF33qm05KhFTp0fI5WQufVI1V0G9-8ilmrk9uygKBOnGABv3IpofkyLqAuwGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1rMf0iNCmsD3eImawBVGy03ZSWog%26client%3Dca-pub-9491495309229936%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 17:08:55 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 09 Jun 2024 17:08:55 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame BEF6 2 KB
1 KB 42ms
38ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 17:08:55 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 09 Jun 2024 17:08:55 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame BEF6 308 B
636 B 18ms
17ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 17:08:55 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Sun, 09 Jun 2024 17:08:55 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame BEF6 293 B
621 B 17ms
16ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 17:08:55 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Sun, 09 Jun 2024 17:08:55 GMT

GET
H2 200 lg.php
cat.nl3.eu.criteo.com/delivery/ Frame BEF6 43 B
347 B 18ms
18ms Image
image/gif 178.250.1.6
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=kEAdBSFtfEU4XRHiqrvleXHjhzid8JUv0VOr_uWc5EKXTlR2QCmzOkNEixjSduukwo-JwFt34jo5Dv7qCGyMZookXloLkzFEb0FZsm43vOSfyPxYVoMjUyqB40cM2wSlJVtjp2pJYC56ayj3T4FJHlaTFZ0WvjdXNKa5E5y4BVoPyYgdESKBV49ItTghYimb6K_g48Vw7mrHtxaJao7LfjjH2zJXqLc1u3Ig6jnvWeGyYKILweUmWpxqmpQTyj60KclPH9z1jB3tQMfFtqefV6HIHECYtB3URtIEPKJmmF6w3obuM0ugitxqnJXgFnAi84tRCzD0TsxPKhsMSoUHxVnuC8u_cQhzRt3gyNPKbpxAqA4cec_OR3Aaxl0mfPxfe5jYk3KN7ghjbuDa46UqNCl1i6L4NZE6REQSmXuwnT_rc1J-

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Jun 2023 17:08:54 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2219650
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230614/r20110914/client/ Frame 46CA 3 KB
1 KB 40ms
38ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230614/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9491495309229936&output=html&h=280&adk=2781885241&adf=2830067344&pi=t.aa~a.2021211784~i.13~rp.4&w=720&fwrn=4&fwrnh=100&lmt=1686844847&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6110872385&ad_type=text_image&format=720x280&url=https%3A%2F%2Fsham-store.shop%2Fnc-lawmakers-seek-to-strip-gov-cooper-of-power-to-appoint-members-to-dem-majority-election-board%2F&fwr=0&pra=3&rh=180&rw=720&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686848934310&bpp=1&bdt=2571&idt=1&shv=r20230613&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x300%2C720x280&nras=3&correlator=8319186508196&frm=20&pv=1&ga_vid=2073141390.1686848933&ga_sid=1686848934&ga_hid=579987793&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=246&ady=2428&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31075067%2C31075307%2C44788442%2C44793499&oid=2&pvsid=2270913567180579&tmod=404543101&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=ODk5yg2G6Q&p=https%3A//sham-store.shop&dtd=21

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 14 Jun 2023 17:39:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 84564
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 28 Jun 2023 17:39:31 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230614/r20110914/client/ Frame 46CA 19 KB
8 KB 41ms
39ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230614/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9491495309229936&output=html&h=280&adk=2781885241&adf=2830067344&pi=t.aa~a.2021211784~i.13~rp.4&w=720&fwrn=4&fwrnh=100&lmt=1686844847&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6110872385&ad_type=text_image&format=720x280&url=https%3A%2F%2Fsham-store.shop%2Fnc-lawmakers-seek-to-strip-gov-cooper-of-power-to-appoint-members-to-dem-majority-election-board%2F&fwr=0&pra=3&rh=180&rw=720&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686848934310&bpp=1&bdt=2571&idt=1&shv=r20230613&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x300%2C720x280&nras=3&correlator=8319186508196&frm=20&pv=1&ga_vid=2073141390.1686848933&ga_sid=1686848934&ga_hid=579987793&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=246&ady=2428&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31075067%2C31075307%2C44788442%2C44793499&oid=2&pvsid=2270913567180579&tmod=404543101&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=ODk5yg2G6Q&p=https%3A//sham-store.shop&dtd=21

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3521f5e84dbf85e9b7a304002330fbccf347abc9d0a43765a1838336b8a98c0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 14 Jun 2023 17:39:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 84565
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8120
x-xss-protection: 0
server: cafe
etag: 8171891181101138299
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 28 Jun 2023 17:39:30 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 46CA 0
0 48ms
47ms Image
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTAKNRmVU96OkSnTVuFUyPjeNPxAqkMH4U-i1jB1e8p1iIrUUAaUIl982mI08_ysUo5eabUVIe4aWDBOu0TbZRUCUFRbA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9491495309229936&output=html&h=280&adk=2781885241&adf=2830067344&pi=t.aa~a.2021211784~i.13~rp.4&w=720&fwrn=4&fwrnh=100&lmt=1686844847&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6110872385&ad_type=text_image&format=720x280&url=https%3A%2F%2Fsham-store.shop%2Fnc-lawmakers-seek-to-strip-gov-cooper-of-power-to-appoint-members-to-dem-majority-election-board%2F&fwr=0&pra=3&rh=180&rw=720&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686848934310&bpp=1&bdt=2571&idt=1&shv=r20230613&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x300%2C720x280&nras=3&correlator=8319186508196&frm=20&pv=1&ga_vid=2073141390.1686848933&ga_sid=1686848934&ga_hid=579987793&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=246&ady=2428&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31075067%2C31075307%2C44788442%2C44793499&oid=2&pvsid=2270913567180579&tmod=404543101&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=ODk5yg2G6Q&p=https%3A//sham-store.shop&dtd=21
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 46CA 178 KB
56 KB 165ms
165ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9491495309229936&output=html&h=280&adk=2781885241&adf=2830067344&pi=t.aa~a.2021211784~i.13~rp.4&w=720&fwrn=4&fwrnh=100&lmt=1686844847&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6110872385&ad_type=text_image&format=720x280&url=https%3A%2F%2Fsham-store.shop%2Fnc-lawmakers-seek-to-strip-gov-cooper-of-power-to-appoint-members-to-dem-majority-election-board%2F&fwr=0&pra=3&rh=180&rw=720&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686848934310&bpp=1&bdt=2571&idt=1&shv=r20230613&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x300%2C720x280&nras=3&correlator=8319186508196&frm=20&pv=1&ga_vid=2073141390.1686848933&ga_sid=1686848934&ga_hid=579987793&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=246&ady=2428&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31075067%2C31075307%2C44788442%2C44793499&oid=2&pvsid=2270913567180579&tmod=404543101&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=ODk5yg2G6Q&p=https%3A//sham-store.shop&dtd=21

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e9032b8e95fc74d9ce9c069e76ffe86cb4046dc6ae863ffa8410cf445e5feaf3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 17:08:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57029
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1686742752845198"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 15 Jun 2023 17:08:55 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame 2FCF 35 B
465 B 76ms
14ms Image
image/gif 2620:116:800d:21:e365:4988:e8a7:3270
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEAoCirb9647ZFJSYd17Nihg&google_cver=1&google_push=ATf1kGMPVQ4tS9fxqw21SERrfdk3nRPkTbWeCFE62ql_voS3GJ_zeZ7Smb6GQemQDHwJ1nygOhv3OYZ9BJylCM4OIucXpRde2aSk4w

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:e365:4988:e8a7:3270 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Jun 2023 17:08:55 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 2FCF 0
105 B 86ms
27ms Image
text/plain 2a02:fa8:8806:13::1400
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESELeQSNV8ty07ZLUuMoLxxLU&google_cver=1&google_push=ATf1kGOmSEyyjHWhocj77FCAdwc0QnVGdu0xV1UksTJCNBQjOPoPHDH_MoSdT9LQ-YdFvflG_RFRvMvBYQNG8byjdh2NaVHGCAFxy28
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9491495309229936&output=html&h=280&adk=2781885241&adf=1138032768&pi=t.aa~a.2021211784~i.5~rp.4&w=720&fwrn=4&fwrnh=100&lmt=1686844847&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6110872385&ad_type=text_image&format=720x280&url=https%3A%2F%2Fsham-store.shop%2Fnc-lawmakers-seek-to-strip-gov-cooper-of-power-to-appoint-members-to-dem-majority-election-board%2F&fwr=0&pra=3&rh=180&rw=720&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686848934310&bpp=2&bdt=2571&idt=-M&shv=r20230613&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x300&nras=2&correlator=8319186508196&frm=20&pv=1&ga_vid=2073141390.1686848933&ga_sid=1686848934&ga_hid=579987793&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=246&ady=1769&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31075067%2C31075307%2C44788442%2C44793499&oid=2&pvsid=2270913567180579&tmod=404543101&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=Qp4WrJN3vU&p=https%3A//sham-store.shop&dtd=12
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:13::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Jun 2023 17:08:55 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 2FCF 70 B
266 B 124ms
32ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEBLPLqJ3OmOeFzJVHsA8q-4&google_cver=1&google_push=ATf1kGMI0tqvUlJlHHwz7R3CbD2QFEfSYWzjIg5H_vu8dwUzJ_uShtuYDqeyXn9I6FROwfoNOV4L8lm-qrHqkDBZaPA1vLs4hy_GniI
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9491495309229936&output=html&h=280&adk=2781885241&adf=1138032768&pi=t.aa~a.2021211784~i.5~rp.4&w=720&fwrn=4&fwrnh=100&lmt=1686844847&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6110872385&ad_type=text_image&format=720x280&url=https%3A%2F%2Fsham-store.shop%2Fnc-lawmakers-seek-to-strip-gov-cooper-of-power-to-appoint-members-to-dem-majority-election-board%2F&fwr=0&pra=3&rh=180&rw=720&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686848934310&bpp=2&bdt=2571&idt=-M&shv=r20230613&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x300&nras=2&correlator=8319186508196&frm=20&pv=1&ga_vid=2073141390.1686848933&ga_sid=1686848934&ga_hid=579987793&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=246&ady=1769&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31075067%2C31075307%2C44788442%2C44793499&oid=2&pvsid=2270913567180579&tmod=404543101&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=Qp4WrJN3vU&p=https%3A//sham-store.shop&dtd=12
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 15 Jun 2023 17:08:55 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 2FCF 0
174 B 76ms
20ms Image
text/plain 34.96.105.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEJ2mHIoisOUIKPq7axElfUQ&google_cver=1&google_push=ATf1kGPiWtj3ToXb6qVzebVhlHkOTMcM2DlbzXF1jE-_FTaGLrsUD7yen6P9xDc-pXkY2q1R1nayBuk7vGhMNJ5buRyB81WxLb70V_c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9491495309229936&output=html&h=280&adk=2781885241&adf=1138032768&pi=t.aa~a.2021211784~i.5~rp.4&w=720&fwrn=4&fwrnh=100&lmt=1686844847&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6110872385&ad_type=text_image&format=720x280&url=https%3A%2F%2Fsham-store.shop%2Fnc-lawmakers-seek-to-strip-gov-cooper-of-power-to-appoint-members-to-dem-majority-election-board%2F&fwr=0&pra=3&rh=180&rw=720&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686848934310&bpp=2&bdt=2571&idt=-M&shv=r20230613&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x300&nras=2&correlator=8319186508196&frm=20&pv=1&ga_vid=2073141390.1686848933&ga_sid=1686848934&ga_hid=579987793&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=246&ady=1769&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31075067%2C31075307%2C44788442%2C44793499&oid=2&pvsid=2270913567180579&tmod=404543101&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=Qp4WrJN3vU&p=https%3A//sham-store.shop&dtd=12
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 17:08:55 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 2FCF
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEAP6rcxkij1S7r8WpUuS6oA&google_cver=1&google_push=ATf1kGNZk3Y09tHZSFCjSasJ0RuarFdbn-NmB0_lOX7d1EDkDQd6K9oGA4RTkd0QW8M740oj5xE6lV3KZSNJNhwU...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=70SU3NTkTw21bb9ir_AVKA2&google_push=ATf1kGNZk3Y09tHZSFCjSasJ0RuarFdbn-NmB0_lOX7d1EDkDQd6K9oGA4RTkd0QW8M740oj5xE6lV3KZSNJNhwUUeUNbIIIsOF9lRc

170 B
330 B

53ms
53ms

Image
image/png

142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=70SU3NTkTw21bb9ir_AVKA2&google_push=ATf1kGNZk3Y09tHZSFCjSasJ0RuarFdbn-NmB0_lOX7d1EDkDQd6K9oGA4RTkd0QW8M740oj5xE6lV3KZSNJNhwUUeUNbIIIsOF9lRc

Requested by

Protocol

Server

142.250.74.194 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Jun 2023 17:08:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 15 Jun 2023 17:08:55 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=70SU3NTkTw21bb9ir_AVKA2&google_push=ATf1kGNZk3Y09tHZSFCjSasJ0RuarFdbn-NmB0_lOX7d1EDkDQd6K9oGA4RTkd0QW8M740oj5xE6lV3KZSNJNhwUUeUNbIIIsOF9lRc
x-host: tde-deliveryengine-production-768c8bf7ff-n6fcc
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame 2FCF 43 B
363 B 78ms
19ms Image
image/gif 178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DPUSH_DATA&google_gid=CAESEFhdvtsM0F_9XK1-rIEKbWg&google_cver=1&google_push=ATf1kGO2n8-y3VnKoDNexCYstqSjt9ANB7I9T8neJDq6Dx7PnH_9WdSxquYpKgeIQPFxXxNzEf7CFqIBkDpmDfYxpbM0dQ_ZqmdhM6s

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Jun 2023 17:08:54 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 164608
expires: Thu, 15 Jun 2023 00:00:00 GMT

GET
H2

200

report
sync.teads.tv/um/ Frame 2FCF
Redirect Chain

https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEBmd0hBC_ROoiE65_OnVjH0&...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=ATf1kGP7T7lrNDd1vJer1dlGKcmQDasizuAxUSqOVMtTimJTB7DV_ltzobJRgmAQlQSUP4fJVbJEdHXc-7uzHJTEVF1_qBlHdGXDHu1J
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
165 B

37ms
36ms

Image
image/gif

2.16.97.41
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by: Host: sham-store.shop
URL: https://sham-store.shop/nc-lawmakers-seek-to-strip-gov-cooper-of-power-to-appoint-members-to-dem-majority-election-board/
Protocol: H2
Server: 2.16.97.41 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-16-97-41.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

expires: Thu, 15 Jun 2023 17:08:55 GMT
pragma: no-cache
date: Thu, 15 Jun 2023 17:08:55 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Thu, 15 Jun 2023 17:08:55 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 2FCF 0
131 B 183ms
40ms Image
text/html 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KreuFOyXYNSgj5w-yDF01kXLYC5zGpG8lLWqdUSPYtY0Kjro-h8JoU4Bz5jt7m-lMe2Gh_2A

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 17:08:55 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 28BA 0
0 87ms
80ms Fetch
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CYi1UpkWLZNTXIKSio9kPsrOAyA2Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi05NDkxNDk1MzA5MjI5OTM2yAEJqQLxDV1bjDCyPqgDAaoEpgJP0D2RvJSABGTnkb-LtXbxn3xt1l9ZwH41ShS617bamQSHK0G7MF6gYyAn-WSoFDSz7CQS0fU6XWZ3TnIdVMcaUhHDYthG8rx3LT6v3TYM6JWI4CcLX0-3EsrWT-DTa3kT5909paaO42Uw2a1beruSeALaosloJv8gbm7Ga9vd72yXICk9zC4cff4vZgHCgYVTWjTnUmiblh9V0RWd1kRvfH2_z0IP6n8t5OX0BrB9lH6pvZ9Hk9f9N-2bZZ0Qq-T49DM8AEi2z8hs7AT82vDB24oxXPeofSJf6CZDsUIyLocmL__-qkGq9g9S7u0zSf-bkJ8ZnOM4fykREiY3q2zeogw2PL7vKRWLtM97j2E2L6FBZkQFI-FZvfxa9ef4U32Tl4NQ3ByABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBAgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTk0OTE0OTUzMDkyMjk5MzYYAA&sigh=MwIWW1Vw39A&uach_m=[UACH]&cid=CAQSKQBygQiD2x2afd31E9vKhh-Nl1q5Rxc1CZNXVJ3yoOcc8Ibyn5mOZeQ0GAE

Requested by

Host: sham-store.shop
URL: https://sham-store.shop/nc-lawmakers-seek-to-strip-gov-cooper-of-power-to-appoint-members-to-dem-majority-election-board/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9491495309229936&output=html&h=280&adk=3384979410&adf=1761866724&pi=t.aa~a.1794496191~rp.4&w=370&fwrn=4&fwrnh=100&lmt=1686844847&rafmt=1&to=qs&pwprc=6110872385&format=370x280&url=https%3A%2F%2Fsham-store.shop%2Fnc-lawmakers-seek-to-strip-gov-cooper-of-power-to-appoint-members-to-dem-majority-election-board%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686848934373&bpp=2&bdt=2633&idt=2&shv=r20230613&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x300%2C720x280%2C720x280%2C370x280&nras=5&correlator=8319186508196&frm=20&pv=1&ga_vid=2073141390.1686848933&ga_sid=1686848934&ga_hid=579987793&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1015&ady=2830&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31075067%2C31075307%2C44788442%2C44793499&oid=2&pvsid=2270913567180579&tmod=404543101&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=QyQWQ5FHFg&p=https%3A//sham-store.shop&dtd=62
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 15 Jun 2023 17:08:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame 28BA 0
0 99ms
23ms Fetch
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1hz14m7axqyynm9y3mxf6994s0t88ygqpyzebkt2v4ygn93yx2ba1cnaxh3d7efvjhdd6wx49p0amm2tq1dh3azbrc0sftrfask9befsehg2p5bp2n2vkhae5b96reyfernpfkwsyewek7n5844m55vjg19jzqfzab39pphmbwp8509mczamgh4rdwkmd1rzdpmaj0rhjrhvdw02n2tt8fmr2kzmqc4c8y343pg8t024455awc76yxw27fmywrbc8kecg16ay3h8scw23jd2jzd481882pxyy6mdqnn66qxg41pjjgf9sjt7pzfkddtct9zm4yre142g6y872td8xkvmfnwse6c6jrk0r67wg5qv908v8pgvrhkcjqdt5bckggbn8zd40mnrcwg&b=ZItFpgAIK9QFKNEkAAAZsrM4t4TpIRlgsmwl7w
Requested by: Host: sham-store.shop
URL: https://sham-store.shop/nc-lawmakers-seek-to-strip-gov-cooper-of-power-to-appoint-members-to-dem-majority-election-board/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 15 Jun 2023 17:08:55 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H2 200 dr Show response
as.ad4m.at/ad/ Frame 070E 2 KB
3 KB 68ms
34ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1jnsbddp9qshcdhhcdqe503ys7vj0efr8caxtkz5jeqykmgfvqtfbahe8pr76z0kjfegf1sqf8xx3bhkjpcy8qmy7zj6xdbt13f90mevcgw4v8n05483yp9jq55q9r8kkyhsfrpgbydqvr1y0wsxan1d2wqvq67kh61tph5k54rwemwpezas2ncj0baedxmrqpkry6n8c4wfb33v83avbyrn3dat6waj9xnqdscjkej72vxegy2650b38awrdyxv978zrhkmmdbcshafvxfdy0s1zjmmcttrdtvjkymne7y6ppt0h1epxr36bxpc84pzw9235hztkvavhxb6ddgwmczyv2h9a4tvhhq3ptj7zt1grda83hdm6yr2yxvackkga8pzd0td8bv0707wyqg0qms3cq0xaqx9t8pxzn1wndmczmjvww9k0t8653etede0dnwyhccq6g&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCiBQtpkWLZNTXIKSio9kPsrOAyA2Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi05NDkxNDk1MzA5MjI5OTM2yAEJqQLxDV1bjDCyPqgDAaoEqQJP0D2RvJSABGTnkb-LtXbxn3xt1l9ZwH41ShS617bamQSHK0G7MF6gYyAn-WSoFDSz7CQS0fU6XWZ3TnIdVMcaUhHDYthG8rx3LT6v3TYM6JWI4CcLX0-3EsrWT-DTa3kT5909paaO42Uw2a1beruSeALaosloJv8gbm7Ga9vd72yXICk9zC4cff4vZgHCgYVTWjTnUmiblh9V0RWd1kRvfH2_z0IP6n8t5OX0BrB9lH6pvZ9Hk9f9N-2bZZ0Qq-T49DM8AEi2z8hs7AT82vDB24oxXPeofSJf6CZDsUIyLocmL__-qkGq9g9S7u0zSf-bkJ8ZnOM4fykREiY3q2ze4A4XrmkWrlVDM4ftVSik3ZhVbOkPDfmEPT4TZx9sTVGLQl_PnNSHC82ABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2FX3c_3M7rrPC8NKtA4Y11wBFiog%26client%3Dca-pub-9491495309229936%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9491495309229936&output=html&h=280&adk=3384979410&adf=1761866724&pi=t.aa~a.1794496191~rp.4&w=370&fwrn=4&fwrnh=100&lmt=1686844847&rafmt=1&to=qs&pwprc=6110872385&format=370x280&url=https%3A%2F%2Fsham-store.shop%2Fnc-lawmakers-seek-to-strip-gov-cooper-of-power-to-appoint-members-to-dem-majority-election-board%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686848934373&bpp=2&bdt=2633&idt=2&shv=r20230613&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x300%2C720x280%2C720x280%2C370x280&nras=5&correlator=8319186508196&frm=20&pv=1&ga_vid=2073141390.1686848933&ga_sid=1686848934&ga_hid=579987793&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1015&ady=2830&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31075067%2C31075307%2C44788442%2C44793499&oid=2&pvsid=2270913567180579&tmod=404543101&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=QyQWQ5FHFg&p=https%3A//sham-store.shop&dtd=62

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

39c2172495852ffc51e6f86ef95adfa3cbc9843df71814081e395708b238d98c

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-src ;img-src data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7d7c6af50f5c9034-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Thu, 15 Jun 2023 17:08:55 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230613/r20110914/client/ Frame 28BA 3 KB
1 KB 45ms
39ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230613/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 15:45:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5031
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 29 Jun 2023 15:45:04 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame F9F8 1 KB
643 B 53ms
43ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 13683
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 15 Jun 2023 13:20:52 GMT
etag: 48472445140208031
expires: Fri, 16 Jun 2023 13:20:52 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230613/r20110914/client/ Frame 28BA 19 KB
8 KB 46ms
39ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230613/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3521f5e84dbf85e9b7a304002330fbccf347abc9d0a43765a1838336b8a98c0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 15:45:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5031
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8120
x-xss-protection: 0
server: cafe
etag: 8171891181101138299
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 29 Jun 2023 15:45:04 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 28BA 178 KB
56 KB 145ms
138ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e9032b8e95fc74d9ce9c069e76ffe86cb4046dc6ae863ffa8410cf445e5feaf3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 17:08:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57029
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1686742752845198"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 15 Jun 2023 17:08:55 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 4111 0
0 84ms
83ms Fetch
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Co53bpkWLZM2jH-69qMwPhY2AoA66iLSPXJzX7u6pCMCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi05NDkxNDk1MzA5MjI5OTM2yAEJqAMBqgSmAk_QeI5jPnHjbwO2KhranJ7crDEf3c4g12QbAYgRJElfKDDJhEVr8brrGMKbC7P7b9mEOoCEMbDGe-QUzcRi8NlrHAuyNQ1uKSiXS-q93tEfpk9xErf6Zj1Xf8Uqa94EyD8ACPvJEF8LX5co-QBeL2pmTdXk38OIQGe9UqsrJlc5ff2B2pDuEDZgSBmbJvwrD6lfZ_EpFf725sZC34laOFaGRnGpkBsDTzfe93DttlW7hqvT6l6HXFSInUYzbzCTenK_8FSOoA1hU5324lUvf-GJRyIDXVjOSV2T77YdUG1okQiD_S60jIgmsmQ4nkrmsyi-eL5HUofOg5t9dzXsgrwq66MyqgHYs1v3Gznae2HA3DdUNQ4LvvlWVhzhSILRXFqSY4T-_YAGqtCz49CR94-5AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgECACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItOTQ5MTQ5NTMwOTIyOTkzNhgA&sigh=vihPJySJdWo&uach_m=[UACH]&cid=CAQSKQBygQiD9TGGZ-9eUxJKAbbLcKBQlM2UVXQ1eiZw5Wxs2MtZ0GuMF7YSGAE

Requested by

Host: sham-store.shop
URL: https://sham-store.shop/nc-lawmakers-seek-to-strip-gov-cooper-of-power-to-appoint-members-to-dem-majority-election-board/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9491495309229936&output=html&h=280&adk=3384979410&adf=4113124724&pi=t.aa~a.977465027~rp.4&w=370&fwrn=4&fwrnh=100&lmt=1686844847&rafmt=1&to=qs&pwprc=6110872385&format=370x280&url=https%3A%2F%2Fsham-store.shop%2Fnc-lawmakers-seek-to-strip-gov-cooper-of-power-to-appoint-members-to-dem-majority-election-board%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686848934373&bpp=1&bdt=2633&idt=-M&shv=r20230613&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x300%2C720x280%2C720x280&nras=4&correlator=8319186508196&frm=20&pv=1&ga_vid=2073141390.1686848933&ga_sid=1686848934&ga_hid=579987793&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1015&ady=1764&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31075067%2C31075307%2C44788442%2C44793499&oid=2&pvsid=2270913567180579&tmod=404543101&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=274Evdaf5G&p=https%3A//sham-store.shop&dtd=53
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 15 Jun 2023 17:08:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H/1.1 200 a.gif Show response
i.w55c.net/ Frame 4111 42 B
576 B 140ms
30ms Fetch
image/gif 34.250.57.204
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://i.w55c.net/a.gif?t=0&rtbhost=conf01-europe-west1.rtb.roku.com&rts=1&btid=NTI3M0VEMjFEQUIwRTg1QzdEMEJCQ0YyMDQ4NTZENTJ8R0ZYYWFCMEFSdHwxNjg2ODQ4OTM0NjY0fDF8WG1FS1o4a2t0eHxYUk9ocXNjZmdSfC05ODkxODYzNDZfRVh8MzAxMzZ8fHx8LjBQfFVTRA&ei=GOOGLE_CONTENTNETWORK&wp_exchange=ZItFpgAH0c0Dih7uAAAGhaXRJ9hf3b91QIYQQQ&ac=WFMwUE56aXZTMTpYU1pHTkNKTWpzfDB8MHxFVVI7&psid=NTkzOTA4MTEyNTc&js=0&ob=0&ccw=SUFCMjQjMS4w&ci=Xmwo1n97Q8&fiu=WG1FS1o4a2t0eA&fid=XmEKZ8kktx&sd=sham-store.shop&s=https%3A%2F%2Fsham-store.shop%2Fnc-lawmakers-seek-to-strip-gov-cooper-of-power-to-appoint-members-to-dem-majority-election-board&ts=1686848934667&dvdp=i.w55c.net/dv.jpg&ai=0DaDXCcU00&c=DE&r=G-HE&rnd=2995684732023981&epid=R0NzaGFtLXN0b3JlLnNob3A&ct=b126c92c760c4964ba6058483a07fa14&os=Mm8wMDAy&dc=NzI4NWEyMmNjZmE2NGM1Y2JmMzBmYzExNmQzNGFhNGU&dv=MUxWSXJn&dm=MU1udVZVV21Ndg&l=ZW58fA&ri=2rxtlU&cip=1&alg=TGcwMDA4&v=2&euid=Q0FFU0VQY1poTXlXQndqMm5EV1Y1dS1CTVRF&mt=2cmt0001&mi=d2Vi&dt=2dt0005&tz=RXVyb3BlL0Jlcmxpbg&sg=78A4E4yWX_5HiNmZUCFbPg&buid=Xdb4DXiaK1Q&hmt=1&hmdp=s.h.w55c.net/2/948461/analytics.gif&hmtiu=9484611643830741015000&uidu=CAESEPcZhMyWBwj2nDWV5u-BMTE&spidu=GOOGLE_CONTENTNETWORK&pidu=sham-store.shop&hmpvu=b3e3ac9b-8d7b-4da4-b1ce-330382c03529&hmtsu=3&odtu=2&mtfu=1&crdmu=300x250&cridu=XROhqscfgR&naoh=i.w55c.net/na.gif&ndgh=i.w55c.net/ng.gif

Requested by

Host: sham-store.shop
URL: https://sham-store.shop/nc-lawmakers-seek-to-strip-gov-cooper-of-power-to-appoint-members-to-dem-majority-election-board/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.250.57.204 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-250-57-204.eu-west-1.compute.amazonaws.com

Software

PixelTracking/v2.0.30-780-gdfb6b2e#rel-ec2-master i-025835abb6513bc2c@eu-west-1b@dxedge-app-eu-west-1-prod-asg /

Resource Hash

47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 15 Jun 2023 17:08:54 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PixelTracking/v2.0.30-780-gdfb6b2e#rel-ec2-master i-025835abb6513bc2c@eu-west-1b@dxedge-app-eu-west-1-prod-asg
Content-Type: image/gif
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 42
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 creative_add_on.js Show response
cti.w55c.net/ct/ Frame 4111 5 KB
2 KB 118ms
7ms Script
application/javascript 2600:9000:2251:a200:3:4706:a6c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cti.w55c.net/ct/creative_add_on.js?w=300&h=250&zindex=0&ci=Xmwo1n97Q8&ei=GOOGLE_CONTENTNETWORK&ob=0&ai=0DaDXCcU00&epid=R0NzaGFtLXN0b3JlLnNob3A&fiu=WG1FS1o4a2t0eA&s=https%3A%2F%2Fsham-store.shop%2Fnc-lawmakers-seek-to-strip-gov-cooper-of-power-to-appoint-members-to-dem-majority-election-board&ciu=XROhqscfgR&btid=NTI3M0VEMjFEQUIwRTg1QzdEMEJCQ0YyMDQ4NTZENTJ8R0ZYYWFCMEFSdHwxNjg2ODQ4OTM0NjY0fDF8WG1FS1o4a2t0eHxYUk9ocXNjZmdSfC05ODkxODYzNDZfRVh8MzAxMzZ8fHx8LjBQfFVTRA&c=DE&dt=2dt0005&sd=sham-store.shop&cip=1&hmt=1&uidu=CAESEPcZhMyWBwj2nDWV5u-BMTE&spidu=GOOGLE_CONTENTNETWORK&pidu=sham-store.shop&hmpvu=b3e3ac9b-8d7b-4da4-b1ce-330382c03529&hmtsu=3&odtu=2&mtfu=1&crdmu=300x250&cridu=XROhqscfgR&

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9491495309229936&output=html&h=280&adk=3384979410&adf=4113124724&pi=t.aa~a.977465027~rp.4&w=370&fwrn=4&fwrnh=100&lmt=1686844847&rafmt=1&to=qs&pwprc=6110872385&format=370x280&url=https%3A%2F%2Fsham-store.shop%2Fnc-lawmakers-seek-to-strip-gov-cooper-of-power-to-appoint-members-to-dem-majority-election-board%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686848934373&bpp=1&bdt=2633&idt=-M&shv=r20230613&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x300%2C720x280%2C720x280&nras=4&correlator=8319186508196&frm=20&pv=1&ga_vid=2073141390.1686848933&ga_sid=1686848934&ga_hid=579987793&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1015&ady=1764&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31075067%2C31075307%2C44788442%2C44793499&oid=2&pvsid=2270913567180579&tmod=404543101&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=274Evdaf5G&p=https%3A//sham-store.shop&dtd=53

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2251:a200:3:4706:a6c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

e8090651b52c256938df2fb0582f24521fe0476939aab81d01b7f31a7ac75beb

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 15:03:16 GMT
x-amz-version-id: 0IYa12QvFdrNK.CC2JhaeEJAYjkhUjCe
content-encoding: br
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 5b6e22c950501920595c86fc25834582.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
age: 266740
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Fri, 17 Sep 2021 21:17:39 GMT
server: AmazonS3
etag: W/"a6c8a5bdec77729759b220b95bf503f9"
vary: Accept-Encoding
content-type: application/javascript
cache-control: must-revalidate
x-amz-cf-id: nyhO9B4X9EGw0Ms4pcOI6kzdSa_5a5F6tDQcUbqckGPA1duNUbYDHw==

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230613/r20110914/client/ Frame 4111 3 KB
1 KB 46ms
45ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230613/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9491495309229936&output=html&h=280&adk=3384979410&adf=4113124724&pi=t.aa~a.977465027~rp.4&w=370&fwrn=4&fwrnh=100&lmt=1686844847&rafmt=1&to=qs&pwprc=6110872385&format=370x280&url=https%3A%2F%2Fsham-store.shop%2Fnc-lawmakers-seek-to-strip-gov-cooper-of-power-to-appoint-members-to-dem-majority-election-board%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686848934373&bpp=1&bdt=2633&idt=-M&shv=r20230613&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x300%2C720x280%2C720x280&nras=4&correlator=8319186508196&frm=20&pv=1&ga_vid=2073141390.1686848933&ga_sid=1686848934&ga_hid=579987793&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1015&ady=1764&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31075067%2C31075307%2C44788442%2C44793499&oid=2&pvsid=2270913567180579&tmod=404543101&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=274Evdaf5G&p=https%3A//sham-store.shop&dtd=53

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 15:45:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5031
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 29 Jun 2023 15:45:04 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230613/r20110914/client/ Frame 4111 19 KB
8 KB 46ms
43ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230613/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9491495309229936&output=html&h=280&adk=3384979410&adf=4113124724&pi=t.aa~a.977465027~rp.4&w=370&fwrn=4&fwrnh=100&lmt=1686844847&rafmt=1&to=qs&pwprc=6110872385&format=370x280&url=https%3A%2F%2Fsham-store.shop%2Fnc-lawmakers-seek-to-strip-gov-cooper-of-power-to-appoint-members-to-dem-majority-election-board%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686848934373&bpp=1&bdt=2633&idt=-M&shv=r20230613&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x300%2C720x280%2C720x280&nras=4&correlator=8319186508196&frm=20&pv=1&ga_vid=2073141390.1686848933&ga_sid=1686848934&ga_hid=579987793&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1015&ady=1764&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31075067%2C31075307%2C44788442%2C44793499&oid=2&pvsid=2270913567180579&tmod=404543101&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=274Evdaf5G&p=https%3A//sham-store.shop&dtd=53

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3521f5e84dbf85e9b7a304002330fbccf347abc9d0a43765a1838336b8a98c0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 15:45:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5031
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8120
x-xss-protection: 0
server: cafe
etag: 8171891181101138299
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 29 Jun 2023 15:45:04 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 4111 0
0 54ms
48ms Image
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaT49mvClcSYlc29mTrzn4FjasooURtiq9Q7nbf2wi9TmOlkk29qhMnNiDiEgzs6zvOGu99U4V6vzmg3DXbZVxzbkUT0nw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9491495309229936&output=html&h=280&adk=3384979410&adf=4113124724&pi=t.aa~a.977465027~rp.4&w=370&fwrn=4&fwrnh=100&lmt=1686844847&rafmt=1&to=qs&pwprc=6110872385&format=370x280&url=https%3A%2F%2Fsham-store.shop%2Fnc-lawmakers-seek-to-strip-gov-cooper-of-power-to-appoint-members-to-dem-majority-election-board%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686848934373&bpp=1&bdt=2633&idt=-M&shv=r20230613&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x300%2C720x280%2C720x280&nras=4&correlator=8319186508196&frm=20&pv=1&ga_vid=2073141390.1686848933&ga_sid=1686848934&ga_hid=579987793&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1015&ady=1764&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31075067%2C31075307%2C44788442%2C44793499&oid=2&pvsid=2270913567180579&tmod=404543101&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=274Evdaf5G&p=https%3A//sham-store.shop&dtd=53
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4111 178 KB
56 KB 192ms
189ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9491495309229936&output=html&h=280&adk=3384979410&adf=4113124724&pi=t.aa~a.977465027~rp.4&w=370&fwrn=4&fwrnh=100&lmt=1686844847&rafmt=1&to=qs&pwprc=6110872385&format=370x280&url=https%3A%2F%2Fsham-store.shop%2Fnc-lawmakers-seek-to-strip-gov-cooper-of-power-to-appoint-members-to-dem-majority-election-board%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686848934373&bpp=1&bdt=2633&idt=-M&shv=r20230613&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x300%2C720x280%2C720x280&nras=4&correlator=8319186508196&frm=20&pv=1&ga_vid=2073141390.1686848933&ga_sid=1686848934&ga_hid=579987793&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1015&ady=1764&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31075067%2C31075307%2C44788442%2C44793499&oid=2&pvsid=2270913567180579&tmod=404543101&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=274Evdaf5G&p=https%3A//sham-store.shop&dtd=53

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e9032b8e95fc74d9ce9c069e76ffe86cb4046dc6ae863ffa8410cf445e5feaf3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 17:08:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57029
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1686742752845198"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 15 Jun 2023 17:08:55 GMT

GET
H2 200 XassetCEYbEcSW.png
ads.w55c.net/t/d/ Frame 4111 64 KB
64 KB 76ms
7ms Image
image/png 2600:9000:2491:a600:1b:f040:3600:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.w55c.net/t/d/XassetCEYbEcSW.png?at=0&rtbhost=conf01-europe-west1.rtb.roku.com&btid=NTI3M0VEMjFEQUIwRTg1QzdEMEJCQ0YyMDQ4NTZENTJ8R0ZYYWFCMEFSdHwxNjg2ODQ4OTM0NjY0fDF8WG1FS1o4a2t0eHxYUk9ocXNjZmdSfC05ODkxODYzNDZfRVh8MzAxMzZ8fHx8LjBQfFVTRA&ei=GOOGLE_CONTENTNETWORK&ac=WFMwUE56aXZTMTpYU1pHTkNKTWpzfDB8MHxFVVI7&js=0&ob=0&ccw=SUFCMjQjMS4w&ci=Xmwo1n97Q8&psid=NTkzOTA4MTEyNTc&s=https%3A%2F%2Fsham-store.shop%2Fnc-lawmakers-seek-to-strip-gov-cooper-of-power-to-appoint-members-to-dem-majority-election-board&ts=1686848934667&c=DE&r=G-HE&epid=R0NzaGFtLXN0b3JlLnNob3A&mi=d2Vi&wp_exchange=NWP
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9491495309229936&output=html&h=280&adk=3384979410&adf=4113124724&pi=t.aa~a.977465027~rp.4&w=370&fwrn=4&fwrnh=100&lmt=1686844847&rafmt=1&to=qs&pwprc=6110872385&format=370x280&url=https%3A%2F%2Fsham-store.shop%2Fnc-lawmakers-seek-to-strip-gov-cooper-of-power-to-appoint-members-to-dem-majority-election-board%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686848934373&bpp=1&bdt=2633&idt=-M&shv=r20230613&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x300%2C720x280%2C720x280&nras=4&correlator=8319186508196&frm=20&pv=1&ga_vid=2073141390.1686848933&ga_sid=1686848934&ga_hid=579987793&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1015&ady=1764&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31075067%2C31075307%2C44788442%2C44793499&oid=2&pvsid=2270913567180579&tmod=404543101&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=274Evdaf5G&p=https%3A//sham-store.shop&dtd=53
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2491:a600:1b:f040:3600:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7cc53b9adf139d3c48666f76e1d316281c5e9065f7eeaa3fb329057c397f83e5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id: pTSK_3aD6MH1NhuW2vrruciFx4wLs9g_
date: Thu, 15 Jun 2023 06:37:28 GMT
via: 1.1 6be461c5a9399007c1540eee90371674.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7
age: 37887
x-amz-server-side-encryption: AES256
x-amz-meta-width: 300
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
x-amz-meta-filesize: 65085
x-amz-meta-height: 250
content-length: 65085
last-modified: Wed, 03 May 2023 17:26:36 GMT
server: AmazonS3
etag: "38988cf71c0e9e66d0bb0693f05250c3"
vary: Accept-Encoding
content-type: image/png
accept-ranges: bytes
x-amz-cf-id: ZShwShPn_qShxZwpuojsarHOWQwcqhkzZsBl-2idK0QssdQFjeV5fg==

GET
H/1.1 200
OK pixel.php
t.hspvst.com/ Frame 4111 95 B
920 B 152ms
37ms Image
image/png 154.58.197.185
COGENT-174

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.hspvst.com/pixel.php?id=2677&t=P&cb=2995684732023981
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9491495309229936&output=html&h=280&adk=3384979410&adf=4113124724&pi=t.aa~a.977465027~rp.4&w=370&fwrn=4&fwrnh=100&lmt=1686844847&rafmt=1&to=qs&pwprc=6110872385&format=370x280&url=https%3A%2F%2Fsham-store.shop%2Fnc-lawmakers-seek-to-strip-gov-cooper-of-power-to-appoint-members-to-dem-majority-election-board%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686848934373&bpp=1&bdt=2633&idt=-M&shv=r20230613&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x300%2C720x280%2C720x280&nras=4&correlator=8319186508196&frm=20&pv=1&ga_vid=2073141390.1686848933&ga_sid=1686848934&ga_hid=579987793&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1015&ady=1764&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31075067%2C31075307%2C44788442%2C44793499&oid=2&pvsid=2270913567180579&tmod=404543101&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=274Evdaf5G&p=https%3A//sham-store.shop&dtd=53
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 154.58.197.185 , Indonesia, ASN174 (COGENT-174, US),
Reverse DNS: staticip-hv4m185.hispavista.com
Software: Apache / PHP/5.4.45-1~dotdeb+7.1
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Thu, 15 Jun 2023 17:08:55 GMT
Server: Apache
X-Powered-By: PHP/5.4.45-1~dotdeb+7.1
Transfer-Encoding: chunked
P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Content-Type: image/png
Cache-Control: max-age=315360000
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Keep-Alive: timeout=3, max=1000
Expires: Sun, 12 Jun 2033 17:08:55 GMT

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 30DC 120 KB
42 KB 55ms
41ms Document
text/html 2a02:2638:3::12
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=ZItFpgAFlbUIFUbKAAekx7mQnbrTCYG0kO4c6g&u=%7CCasp2cPCKnZi1TnHYgasWJ%2BxFo0wwD9YQHJZ1g%2FS%2BAs%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC86yRqsQsL7Z8yozuPOp1T6J4tR9U6u_MOyaInZeVL0CuJRM_4l4oIEvk2fMddbehpYxpXNk5QdwQkk3rWEK453ufXZ0c5FmVDOQYk2fcgOkugZI09TxCMBj8yWyMhAvuKSWRjlbhNdDtte6kDiCYAq0Qn3kdk_c_B8xXeVEfKCtlO026zDcF9nCR3KZyVgBqg-lhtLEXm4grn3WqoXSb-6ToECBXZCXLNSKYGm7o4hlMJYj6n2F41IGuC2V0FTV3r7WdRiu59veExiCOWQrkv7j-3SD-maOEWBXp6gxoR27Xcf-SHrY8QSXdGEVzHNoW6Mgb_rnLwiVGIKMy15eGUwZ-JiQuURFxRbzvcJ5Ad55fJLUCJO5fCqllA8wdkZGdrvkZO6L6Wpid1Muyh9GEVNZ0PMLB4zu1UxAsIAKOd2loMrhE8Htsurx4D9O6CC5-IXXDjFlzhrK_SaY4jXTJiWwLEhnFzqZuOug2SV4ELBZoZLKzL_7NSvEYwlFo6Xy0kcHcNiA2bTGsTQ6H-H0TBtLtZdHpTZs0Hjy1DQoRzoKXY7RLvrAUc_Ni237nKVKR1AA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCPmZ9pkWLZLWrFsqN1fAPx8meyAfJntKxXL2Ol_dwwI23ARABIABgleKQgqAHggEXY2EtcHViLTk0OTE0OTUzMDkyMjk5MzbIAQmpAvENXVuMMLI-qAMBqgTNAk_Qo8KFLlMLO9j5wwvzKiHv1XP-ej7BoX7qrwFufknxewB8HcM3rwYmXOqDIvK4CoYSOkHWbt8B7d_mQXceYgMf9dyjUeQR27wUCdwkYwLhRLH_bXizNSPJIzEk2NQIN_NwmZ8zOLYLpN1LBFI6t7L33wiBY2Lwe4zS3J4tjLo3JAXnP0ZR6CvwtnXyJE3OkOlUbTqVVw2Bof4xWAXIrScyiOtyPFRGNninpvm6dn3Th6Sm6Kg6xlakBVUShuLKFjnI7AFs-KYN4to2_wIB8TWgD8W8lhVCZxiiHHEhTdSDffHdJSpzUTb8U77nYLgqJ__IFJOd9_Wz9grOjQ8HyJuMFwyJjzfDIOusi9HOsT4hrfnn8mttOeObQ2Nk2PwVS8Uxhpu40Lh-sLXQw5H8vw_sgRWgZC5XCacFnFIBLjs0wOT_Q2Ucz4KDy0obZ4AG_cimh-TIuoC7AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1QhDvfpyRTLSNsBmKW8SHfqQ_PiA%26client%3Dca-pub-9491495309229936%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9491495309229936&output=html&h=280&adk=2781885241&adf=2830067344&pi=t.aa~a.2021211784~i.13~rp.4&w=720&fwrn=4&fwrnh=100&lmt=1686844847&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6110872385&ad_type=text_image&format=720x280&url=https%3A%2F%2Fsham-store.shop%2Fnc-lawmakers-seek-to-strip-gov-cooper-of-power-to-appoint-members-to-dem-majority-election-board%2F&fwr=0&pra=3&rh=180&rw=720&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686848934310&bpp=1&bdt=2571&idt=1&shv=r20230613&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x300%2C720x280&nras=3&correlator=8319186508196&frm=20&pv=1&ga_vid=2073141390.1686848933&ga_sid=1686848934&ga_hid=579987793&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=246&ady=2428&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31075067%2C31075307%2C44788442%2C44793499&oid=2&pvsid=2270913567180579&tmod=404543101&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=ODk5yg2G6Q&p=https%3A//sham-store.shop&dtd=21

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

6321b933446f8ef426f7f524cdf4014574674e9bd07e8af68f6b0de7117c5646

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Thu, 15 Jun 2023 17:08:54 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=shtW6LtWBcR_kwMk4OdFR-H1hwBEv8fj-JgIpkQnJRJtPkZMlsW7r7Uone4vTK5dz4piA1uIsVjOkDknv9cDA4XmgmXzzl_8XKXpaR-EeTmdesdoxiWZF9I7AgEdqme8HwF2lfPA7nVTVY-xg7xpeI6Nz50DKxhcCbiMa2wy-yAMODaEuMtFkCqqjAqPtcUBg-PcS5MOoDPtHa75KcKXwMyJ8MF59jeaxdSEvCiKpOrq1jmjvJ2s4jQs83fcGNuZ4_DjqA"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 25281250
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 39FD 1 KB
643 B 46ms
41ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9491495309229936&output=html&h=280&adk=2781885241&adf=2830067344&pi=t.aa~a.2021211784~i.13~rp.4&w=720&fwrn=4&fwrnh=100&lmt=1686844847&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6110872385&ad_type=text_image&format=720x280&url=https%3A%2F%2Fsham-store.shop%2Fnc-lawmakers-seek-to-strip-gov-cooper-of-power-to-appoint-members-to-dem-majority-election-board%2F&fwr=0&pra=3&rh=180&rw=720&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686848934310&bpp=1&bdt=2571&idt=1&shv=r20230613&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x300%2C720x280&nras=3&correlator=8319186508196&frm=20&pv=1&ga_vid=2073141390.1686848933&ga_sid=1686848934&ga_hid=579987793&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=246&ady=2428&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31075067%2C31075307%2C44788442%2C44793499&oid=2&pvsid=2270913567180579&tmod=404543101&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=ODk5yg2G6Q&p=https%3A//sham-store.shop&dtd=21

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 13683
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 15 Jun 2023 13:20:52 GMT
etag: 48472445140208031
expires: Fri, 16 Jun 2023 13:20:52 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame BEF6 12 KB
6 KB 24ms
15ms Script
text/javascript 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 17:08:55 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 09 Jun 2024 17:08:55 GMT

GET
H2 200 default.css
as.ad4m.at/ad/style/0.1.42/one-ad/ Frame 070E 106 KB
13 KB 22ms
21ms Stylesheet
text/css 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.42/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1jnsbddp9qshcdhhcdqe503ys7vj0efr8caxtkz5jeqykmgfvqtfbahe8pr76z0kjfegf1sqf8xx3bhkjpcy8qmy7zj6xdbt13f90mevcgw4v8n05483yp9jq55q9r8kkyhsfrpgbydqvr1y0wsxan1d2wqvq67kh61tph5k54rwemwpezas2ncj0baedxmrqpkry6n8c4wfb33v83avbyrn3dat6waj9xnqdscjkej72vxegy2650b38awrdyxv978zrhkmmdbcshafvxfdy0s1zjmmcttrdtvjkymne7y6ppt0h1epxr36bxpc84pzw9235hztkvavhxb6ddgwmczyv2h9a4tvhhq3ptj7zt1grda83hdm6yr2yxvackkga8pzd0td8bv0707wyqg0qms3cq0xaqx9t8pxzn1wndmczmjvww9k0t8653etede0dnwyhccq6g&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCiBQtpkWLZNTXIKSio9kPsrOAyA2Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi05NDkxNDk1MzA5MjI5OTM2yAEJqQLxDV1bjDCyPqgDAaoEqQJP0D2RvJSABGTnkb-LtXbxn3xt1l9ZwH41ShS617bamQSHK0G7MF6gYyAn-WSoFDSz7CQS0fU6XWZ3TnIdVMcaUhHDYthG8rx3LT6v3TYM6JWI4CcLX0-3EsrWT-DTa3kT5909paaO42Uw2a1beruSeALaosloJv8gbm7Ga9vd72yXICk9zC4cff4vZgHCgYVTWjTnUmiblh9V0RWd1kRvfH2_z0IP6n8t5OX0BrB9lH6pvZ9Hk9f9N-2bZZ0Qq-T49DM8AEi2z8hs7AT82vDB24oxXPeofSJf6CZDsUIyLocmL__-qkGq9g9S7u0zSf-bkJ8ZnOM4fykREiY3q2ze4A4XrmkWrlVDM4ftVSik3ZhVbOkPDfmEPT4TZx9sTVGLQl_PnNSHC82ABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2FX3c_3M7rrPC8NKtA4Y11wBFiog%26client%3Dca-pub-9491495309229936%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3dbe73a90f1370d3bdefdeb5ccca6a4f3c6edb2bc1b06c47b7e5ae2457bc58ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1jnsbddp9qshcdhhcdqe503ys7vj0efr8caxtkz5jeqykmgfvqtfbahe8pr76z0kjfegf1sqf8xx3bhkjpcy8qmy7zj6xdbt13f90mevcgw4v8n05483yp9jq55q9r8kkyhsfrpgbydqvr1y0wsxan1d2wqvq67kh61tph5k54rwemwpezas2ncj0baedxmrqpkry6n8c4wfb33v83avbyrn3dat6waj9xnqdscjkej72vxegy2650b38awrdyxv978zrhkmmdbcshafvxfdy0s1zjmmcttrdtvjkymne7y6ppt0h1epxr36bxpc84pzw9235hztkvavhxb6ddgwmczyv2h9a4tvhhq3ptj7zt1grda83hdm6yr2yxvackkga8pzd0td8bv0707wyqg0qms3cq0xaqx9t8pxzn1wndmczmjvww9k0t8653etede0dnwyhccq6g&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCiBQtpkWLZNTXIKSio9kPsrOAyA2Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi05NDkxNDk1MzA5MjI5OTM2yAEJqQLxDV1bjDCyPqgDAaoEqQJP0D2RvJSABGTnkb-LtXbxn3xt1l9ZwH41ShS617bamQSHK0G7MF6gYyAn-WSoFDSz7CQS0fU6XWZ3TnIdVMcaUhHDYthG8rx3LT6v3TYM6JWI4CcLX0-3EsrWT-DTa3kT5909paaO42Uw2a1beruSeALaosloJv8gbm7Ga9vd72yXICk9zC4cff4vZgHCgYVTWjTnUmiblh9V0RWd1kRvfH2_z0IP6n8t5OX0BrB9lH6pvZ9Hk9f9N-2bZZ0Qq-T49DM8AEi2z8hs7AT82vDB24oxXPeofSJf6CZDsUIyLocmL__-qkGq9g9S7u0zSf-bkJ8ZnOM4fykREiY3q2ze4A4XrmkWrlVDM4ftVSik3ZhVbOkPDfmEPT4TZx9sTVGLQl_PnNSHC82ABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2FX3c_3M7rrPC8NKtA4Y11wBFiog%26client%3Dca-pub-9491495309229936%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 17:08:55 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1686312358
age: 536270
cf-polished: origSize=108907
x-guploader-uploadid: ADPycds4BaPB2cnNKfGCpO0DHbi1YsFTcCTGXC9fJnH_NboEzcGfHcnLXlcIvq2iasQ1ZmCVOJqaFT1yvUfFyfqQRQlEfuWooABE
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 09 Jun 2023 12:06:25 GMT
server: cloudflare
etag: W/"913a188acf4937267d989357edafdccf"
vary: Accept-Encoding
x-goog-generation: 1686312385390155
content-type: text/css
x-goog-hash: crc32c=+kWf1Q==, md5=kToYis9JNyZ9mJNX7a/czw==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GjchULiTv0XdEmFm1Ys7QJX%2BF6ZfH7BvhxI3KaUYb7OlgpSiHWmjur%2BH1LLm%2FqpQOcG5oVC%2FmNR%2FIU95INousQTm%2FivO9KYQauoNe33LKYV8X2U%2BJzuK08hcwi2U2p0cmpox3vm%2BdbM%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 108907
cf-ray: 7d7c6af58ffb9034-FRA
expires: Thu, 15 Jun 2023 18:08:55 GMT

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame 070E 25 KB
10 KB 37ms
17ms Script
application/javascript 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1jnsbddp9qshcdhhcdqe503ys7vj0efr8caxtkz5jeqykmgfvqtfbahe8pr76z0kjfegf1sqf8xx3bhkjpcy8qmy7zj6xdbt13f90mevcgw4v8n05483yp9jq55q9r8kkyhsfrpgbydqvr1y0wsxan1d2wqvq67kh61tph5k54rwemwpezas2ncj0baedxmrqpkry6n8c4wfb33v83avbyrn3dat6waj9xnqdscjkej72vxegy2650b38awrdyxv978zrhkmmdbcshafvxfdy0s1zjmmcttrdtvjkymne7y6ppt0h1epxr36bxpc84pzw9235hztkvavhxb6ddgwmczyv2h9a4tvhhq3ptj7zt1grda83hdm6yr2yxvackkga8pzd0td8bv0707wyqg0qms3cq0xaqx9t8pxzn1wndmczmjvww9k0t8653etede0dnwyhccq6g&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCiBQtpkWLZNTXIKSio9kPsrOAyA2Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi05NDkxNDk1MzA5MjI5OTM2yAEJqQLxDV1bjDCyPqgDAaoEqQJP0D2RvJSABGTnkb-LtXbxn3xt1l9ZwH41ShS617bamQSHK0G7MF6gYyAn-WSoFDSz7CQS0fU6XWZ3TnIdVMcaUhHDYthG8rx3LT6v3TYM6JWI4CcLX0-3EsrWT-DTa3kT5909paaO42Uw2a1beruSeALaosloJv8gbm7Ga9vd72yXICk9zC4cff4vZgHCgYVTWjTnUmiblh9V0RWd1kRvfH2_z0IP6n8t5OX0BrB9lH6pvZ9Hk9f9N-2bZZ0Qq-T49DM8AEi2z8hs7AT82vDB24oxXPeofSJf6CZDsUIyLocmL__-qkGq9g9S7u0zSf-bkJ8ZnOM4fykREiY3q2ze4A4XrmkWrlVDM4ftVSik3ZhVbOkPDfmEPT4TZx9sTVGLQl_PnNSHC82ABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2FX3c_3M7rrPC8NKtA4Y11wBFiog%26client%3Dca-pub-9491495309229936%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2d5e67a38c9a11424cac19ce192c9fd124a6d74e64d3791a01561dbd3e39c0b4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 17:08:55 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 14 Mar 2023 13:45:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 153289
etag: W/"fcb2a26b07bd76d9a925cae661d6d94d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vy2EZnRfEghxuY8SFQ17BVoUqx9FF0v50a7Jom5gKwKHD4AzZmwj1SfgVOa3xUG6ghvymoZsZ9Xmr3Smd%2B4T%2BJH0FKFbnwDBskEalyT1%2Bho0y1ug4kdGt8U2heEsKRlaU%2BaMEvE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 7d7c6af5a81b9034-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 13 Jun 2023 13:46:16 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame BEF6 15 KB
15 KB 18ms
16ms Image
image/png 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?h=244&m=0&partner=105494&q=80&r=0&u=http%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F105494%2F4786918%2F5780dd308e3b435b9a6b58d0b5581835_en_logo_1200-300.png&v=3&w=402&s=s1AFAulLWmD9OcYFD2lpflE-

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

90d7f8fd47b0b01561b280109490c0e7d29be3f426a1f5cf70fab5d5d1ac2dba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 17:08:54 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
content-length: 15120
expires: Sun, 09 Jun 2024 08:38:23 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame BEF6 0
127 B 15ms
14ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=lmn28btWBcR_kwMkwqo4UcR7t2rGymKYe0Wue1F-Zr2I-LbuXbC5a0XUaOihsSJtH75dEYMV_YHnSSH1Gqo6Nvyo8p7XwheG5knSgZFb1zdkvvZvO9hCkusiL2HEk7JTixFfslGZ4nJw4Fj5VBpwrHRifJzx16BEuYm4ZICuiXPNVaFsuKAUiQ8K7MXyVvJUd-WjPHlkfvmDNuYLHggP_rMdfagoFDu1r0iXS_nQjdDEy2XGbrf0qo-bjpVUU6fMfdxLRA&sds=2&rev=87007&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 15 Jun 2023 17:08:55 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame BEF6 2 KB
1 KB 17ms
16ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 17:08:55 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 09 Jun 2024 17:08:55 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame BEF6 2 KB
1 KB 17ms
16ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 17:08:55 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 09 Jun 2024 17:08:55 GMT

GET
DATA 200
OK truncated
/ Frame 3A10 207 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 453eb2a3e8950acb2d510154c68dbd9e8a16767384c696e18c7da54fcf9f1fbe

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 30DC 2 KB
1 KB 29ms
15ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZItFpgAFlbUIFUbKAAekx7mQnbrTCYG0kO4c6g&u=%7CCasp2cPCKnZi1TnHYgasWJ%2BxFo0wwD9YQHJZ1g%2FS%2BAs%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC86yRqsQsL7Z8yozuPOp1T6J4tR9U6u_MOyaInZeVL0CuJRM_4l4oIEvk2fMddbehpYxpXNk5QdwQkk3rWEK453ufXZ0c5FmVDOQYk2fcgOkugZI09TxCMBj8yWyMhAvuKSWRjlbhNdDtte6kDiCYAq0Qn3kdk_c_B8xXeVEfKCtlO026zDcF9nCR3KZyVgBqg-lhtLEXm4grn3WqoXSb-6ToECBXZCXLNSKYGm7o4hlMJYj6n2F41IGuC2V0FTV3r7WdRiu59veExiCOWQrkv7j-3SD-maOEWBXp6gxoR27Xcf-SHrY8QSXdGEVzHNoW6Mgb_rnLwiVGIKMy15eGUwZ-JiQuURFxRbzvcJ5Ad55fJLUCJO5fCqllA8wdkZGdrvkZO6L6Wpid1Muyh9GEVNZ0PMLB4zu1UxAsIAKOd2loMrhE8Htsurx4D9O6CC5-IXXDjFlzhrK_SaY4jXTJiWwLEhnFzqZuOug2SV4ELBZoZLKzL_7NSvEYwlFo6Xy0kcHcNiA2bTGsTQ6H-H0TBtLtZdHpTZs0Hjy1DQoRzoKXY7RLvrAUc_Ni237nKVKR1AA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCPmZ9pkWLZLWrFsqN1fAPx8meyAfJntKxXL2Ol_dwwI23ARABIABgleKQgqAHggEXY2EtcHViLTk0OTE0OTUzMDkyMjk5MzbIAQmpAvENXVuMMLI-qAMBqgTNAk_Qo8KFLlMLO9j5wwvzKiHv1XP-ej7BoX7qrwFufknxewB8HcM3rwYmXOqDIvK4CoYSOkHWbt8B7d_mQXceYgMf9dyjUeQR27wUCdwkYwLhRLH_bXizNSPJIzEk2NQIN_NwmZ8zOLYLpN1LBFI6t7L33wiBY2Lwe4zS3J4tjLo3JAXnP0ZR6CvwtnXyJE3OkOlUbTqVVw2Bof4xWAXIrScyiOtyPFRGNninpvm6dn3Th6Sm6Kg6xlakBVUShuLKFjnI7AFs-KYN4to2_wIB8TWgD8W8lhVCZxiiHHEhTdSDffHdJSpzUTb8U77nYLgqJ__IFJOd9_Wz9grOjQ8HyJuMFwyJjzfDIOusi9HOsT4hrfnn8mttOeObQ2Nk2PwVS8Uxhpu40Lh-sLXQw5H8vw_sgRWgZC5XCacFnFIBLjs0wOT_Q2Ucz4KDy0obZ4AG_cimh-TIuoC7AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1QhDvfpyRTLSNsBmKW8SHfqQ_PiA%26client%3Dca-pub-9491495309229936%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 17:08:55 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 09 Jun 2024 17:08:55 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 30DC 2 KB
1 KB 30ms
16ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 17:08:55 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 09 Jun 2024 17:08:55 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 30DC 308 B
636 B 27ms
19ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 17:08:55 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Sun, 09 Jun 2024 17:08:55 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 30DC 293 B
621 B 27ms
20ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 17:08:55 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Sun, 09 Jun 2024 17:08:55 GMT

GET
H2 200 lg.php
cat.nl3.eu.criteo.com/delivery/ Frame 30DC 43 B
347 B 26ms
18ms Image
image/gif 178.250.1.6
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=9Q2lv_qs5BdAhc9p5G3eWvIuGDM7nsnoVW-6nF0-Zk2yH6aURF1IXXF7kF2yO0ixuIRf-DNrUrfCmQp96P41DQ0ltfkIg7npyxMe6xTyixY7gDUDwARyBBLCEqYanIVcw-4eNKwDQyHgJPPgSwli6cwYa24em3BOaBuPkhPS2k6HN_yG6r9cNLaRplG7V9EiH12mb6X0cikhGl7j97bgE083GLlX7lizQqy8irOFqvDn_Vw8Z4cb3LctiBvtOyjk9Qw6W1Ec8sWpCPw5Ys5nj-kjf4PoqoQqrJ9tJ8jPmhgHhiNIgF8RkK8XsM9GzabCcn1w48AvBc6rrIhToANOKn7FYfv-B8kSivYp_v6pRM2C4HsRqzHu9Tbz-qut62Ghd9jL134ubmh1dKee3jNj7wQ1Iy8bS0mbIbZDMASqpdq81N-d

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Jun 2023 17:08:54 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1977111
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F9F8
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEKdFmENVFjE31ly6HCEDzh0&google_cver=1&google_push=ATf1kGPSivG8taL1dbv_7xbJ39gA9RW7eIKo95xfMp_tLW_UMwaGrFqLAUZOrqYpV7pI_pOAZieYMdU7Q3Q9kyCl...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGPSivG8taL1dbv_7xbJ39gA9RW7eIKo95xfMp_tLW_UMwaGrFqLAUZOrqYpV7pI_pOAZieYMdU7Q3Q9kyClrdGP8RevyuXsyw

170 B
188 B

50ms
46ms

Image
image/png

142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGPSivG8taL1dbv_7xbJ39gA9RW7eIKo95xfMp_tLW_UMwaGrFqLAUZOrqYpV7pI_pOAZieYMdU7Q3Q9kyClrdGP8RevyuXsyw

Requested by

Protocol

Server

142.250.74.194 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Jun 2023 17:08:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Thu, 15 Jun 2023 17:08:55 GMT
Server: MT3 1031 59fd23a master zrh zrh-pixel-x31 config_version:"1524"
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGPSivG8taL1dbv_7xbJ39gA9RW7eIKo95xfMp_tLW_UMwaGrFqLAUZOrqYpV7pI_pOAZieYMdU7Q3Q9kyClrdGP8RevyuXsyw
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Thu, 15 Jun 2023 17:08:54 GMT

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame F9F8
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEE1kC18_uEut35cpm337oZ8&google_cver=1&google_push=ATf1kGPRFLs8M_X5ozfkmMFTuWtmO6Dxkd1ogjc6YNsRCRPvEYlPJRCKtNEnoOGDOQpd5WkpInX3bvAcrcDj_p_3aXRxQdpjSMvW&...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEE1kC18_uEut35cpm337oZ8&google_cver=1&google_push=ATf1kGPRFLs8M_X5ozfkmMFTuWtmO6Dxkd1ogjc6YNsRCRPvEYlPJRCKtNEnoOGDOQpd5WkpInX3bvAcrcDj_p_3aXRxQdpjSMv...

43 B
422 B

213ms
202ms

Image
image/gif

2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEE1kC18_uEut35cpm337oZ8&google_cver=1&google_push=ATf1kGPRFLs8M_X5ozfkmMFTuWtmO6Dxkd1ogjc6YNsRCRPvEYlPJRCKtNEnoOGDOQpd5WkpInX3bvAcrcDj_p_3aXRxQdpjSMvW&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGPRFLs8M_X5ozfkmMFTuWtmO6Dxkd1ogjc6YNsRCRPvEYlPJRCKtNEnoOGDOQpd5WkpInX3bvAcrcDj_p_3aXRxQdpjSMvW%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9491495309229936&output=html&h=280&adk=3384979410&adf=1761866724&pi=t.aa~a.1794496191~rp.4&w=370&fwrn=4&fwrnh=100&lmt=1686844847&rafmt=1&to=qs&pwprc=6110872385&format=370x280&url=https%3A%2F%2Fsham-store.shop%2Fnc-lawmakers-seek-to-strip-gov-cooper-of-power-to-appoint-members-to-dem-majority-election-board%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686848934373&bpp=2&bdt=2633&idt=2&shv=r20230613&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x300%2C720x280%2C720x280%2C370x280&nras=5&correlator=8319186508196&frm=20&pv=1&ga_vid=2073141390.1686848933&ga_sid=1686848934&ga_hid=579987793&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1015&ady=2830&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31075067%2C31075307%2C44788442%2C44793499&oid=2&pvsid=2270913567180579&tmod=404543101&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=QyQWQ5FHFg&p=https%3A//sham-store.shop&dtd=62
Protocol: H2
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Jun 2023 17:08:55 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7d7c6af7f84e2bae-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 15 Jun 2023 17:08:55 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 444
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEE1kC18_uEut35cpm337oZ8&google_cver=1&google_push=ATf1kGPRFLs8M_X5ozfkmMFTuWtmO6Dxkd1ogjc6YNsRCRPvEYlPJRCKtNEnoOGDOQpd5WkpInX3bvAcrcDj_p_3aXRxQdpjSMvW&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGPRFLs8M_X5ozfkmMFTuWtmO6Dxkd1ogjc6YNsRCRPvEYlPJRCKtNEnoOGDOQpd5WkpInX3bvAcrcDj_p_3aXRxQdpjSMvW%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7d7c6af68d0f2bae-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame F9F8 70 B
265 B 55ms
48ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEBLPLqJ3OmOeFzJVHsA8q-4&google_cver=1&google_push=ATf1kGPo3-WH5zzjVSBRtumgufmOTb6K23RrLAWhYJYKud08FJqOrvaTg8wKESQA7Sr6TED0zckE5oHeD-4ZEdoslfRevlPqBw0laA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9491495309229936&output=html&h=280&adk=3384979410&adf=1761866724&pi=t.aa~a.1794496191~rp.4&w=370&fwrn=4&fwrnh=100&lmt=1686844847&rafmt=1&to=qs&pwprc=6110872385&format=370x280&url=https%3A%2F%2Fsham-store.shop%2Fnc-lawmakers-seek-to-strip-gov-cooper-of-power-to-appoint-members-to-dem-majority-election-board%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686848934373&bpp=2&bdt=2633&idt=2&shv=r20230613&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x300%2C720x280%2C720x280%2C370x280&nras=5&correlator=8319186508196&frm=20&pv=1&ga_vid=2073141390.1686848933&ga_sid=1686848934&ga_hid=579987793&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1015&ady=2830&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31075067%2C31075307%2C44788442%2C44793499&oid=2&pvsid=2270913567180579&tmod=404543101&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=QyQWQ5FHFg&p=https%3A//sham-store.shop&dtd=62
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 15 Jun 2023 17:08:55 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F9F8
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEB5qRtp3LvwyI40D-1FpBJY&google_cver=1&google_push=ATf1kGNk9-lOL26X8ujllIoaaNuBjhpO7I4AcbuWdV5lRISnDGhnFzhLD99jFFFWVJB6Tpcn-ZaVf5hN...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEB5qRtp3LvwyI40D-1FpBJY&google_cver=1&google_push=ATf1kGNk9-lOL26X8ujllIoaaNuBjhpO7I4AcbuWdV5lRISnDGhnFzhLD99jFFFWVJB6Tpcn-Za...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODY0MDQxMTgzMTY2OTIwMzAwMw&google_push=ATf1kGNk9-lOL26X8ujllIoaaNuBjhpO7I4AcbuWdV5lRISnDGhnFzhLD99jFFFWVJB6Tpcn-ZaVf5...

170 B
188 B

51ms
47ms

Image
image/png

142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODY0MDQxMTgzMTY2OTIwMzAwMw&google_push=ATf1kGNk9-lOL26X8ujllIoaaNuBjhpO7I4AcbuWdV5lRISnDGhnFzhLD99jFFFWVJB6Tpcn-ZaVf5hNQzBLb6d64Lqe1A0oQ8wGww

Requested by

Protocol

Server

142.250.74.194 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Jun 2023 17:08:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 15 Jun 2023 17:08:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODY0MDQxMTgzMTY2OTIwMzAwMw&google_push=ATf1kGNk9-lOL26X8ujllIoaaNuBjhpO7I4AcbuWdV5lRISnDGhnFzhLD99jFFFWVJB6Tpcn-ZaVf5hNQzBLb6d64Lqe1A0oQ8wGww
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame F9F8 43 B
362 B 23ms
16ms Image
image/gif 178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DPUSH_DATA&google_gid=CAESEFhdvtsM0F_9XK1-rIEKbWg&google_cver=1&google_push=ATf1kGMexPsD5VnCSTdXNxjgCdP5ud3_9Uk_-1GTF6zX3VU4gk6F0NQL9FwGVwn1nDetyPLrrUWfIaOS1BIUtH3zv5q5x3ld61oAcQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Jun 2023 17:08:54 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 195667
expires: Thu, 15 Jun 2023 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F9F8
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEB5qRtp3LvwyI40D-1FpBJY&google_cver=1&google_push=ATf1kGM1ALPu-vutzWqUjZMlEU0FqkyzF8_GDcy6qJ3l6y8y3tFoPoTFx3Hz8ajlEJ1qigKPfPl57lQp...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEB5qRtp3LvwyI40D-1FpBJY&google_cver=1&google_push=ATf1kGM1ALPu-vutzWqUjZMlEU0FqkyzF8_GDcy6qJ3l6y8y3tFoPoTFx3Hz8ajlEJ1qigKPfPl...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDk4NjMxNjIzODk3Mjc2OTEyNQ&google_push=ATf1kGM1ALPu-vutzWqUjZMlEU0FqkyzF8_GDcy6qJ3l6y8y3tFoPoTFx3Hz8ajlEJ1qigKPfPl57l...

170 B
188 B

52ms
48ms

Image
image/png

142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDk4NjMxNjIzODk3Mjc2OTEyNQ&google_push=ATf1kGM1ALPu-vutzWqUjZMlEU0FqkyzF8_GDcy6qJ3l6y8y3tFoPoTFx3Hz8ajlEJ1qigKPfPl57lQpeP1D1fBLToqtgZ4p7kyTng

Requested by

Protocol

Server

142.250.74.194 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Jun 2023 17:08:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 15 Jun 2023 17:08:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDk4NjMxNjIzODk3Mjc2OTEyNQ&google_push=ATf1kGM1ALPu-vutzWqUjZMlEU0FqkyzF8_GDcy6qJ3l6y8y3tFoPoTFx3Hz8ajlEJ1qigKPfPl57lQpeP1D1fBLToqtgZ4p7kyTng
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2

200

report
sync.teads.tv/um/ Frame F9F8
Redirect Chain

https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEBmd0hBC_ROoiE65_OnVjH0&...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=ATf1kGM-POFiML1wrHbtX2r1emmpur4QLS45u6zVxIjvfJetsnFojwNVuDbkYtO4TvuhhsO3UhgLS8hC08YG26nwKLtLY6j4Me_FzYE
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
165 B

36ms
33ms

Image
image/gif

2.16.97.41
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9491495309229936&output=html&h=280&adk=3384979410&adf=1761866724&pi=t.aa~a.1794496191~rp.4&w=370&fwrn=4&fwrnh=100&lmt=1686844847&rafmt=1&to=qs&pwprc=6110872385&format=370x280&url=https%3A%2F%2Fsham-store.shop%2Fnc-lawmakers-seek-to-strip-gov-cooper-of-power-to-appoint-members-to-dem-majority-election-board%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686848934373&bpp=2&bdt=2633&idt=2&shv=r20230613&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x300%2C720x280%2C720x280%2C370x280&nras=5&correlator=8319186508196&frm=20&pv=1&ga_vid=2073141390.1686848933&ga_sid=1686848934&ga_hid=579987793&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1015&ady=2830&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31075067%2C31075307%2C44788442%2C44793499&oid=2&pvsid=2270913567180579&tmod=404543101&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=QyQWQ5FHFg&p=https%3A//sham-store.shop&dtd=62
Protocol: H2
Server: 2.16.97.41 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-16-97-41.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

expires: Thu, 15 Jun 2023 17:08:55 GMT
pragma: no-cache
date: Thu, 15 Jun 2023 17:08:55 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Thu, 15 Jun 2023 17:08:55 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame F9F8 0
41 B 54ms
48ms Image
text/html 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LsLFjuoy9MvqikQRJ5TY7e_F5jcLu-rLcTG1F5NvcPNFcnGdAzul4jPScd03ZLweRtNc45Hg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 17:08:55 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
DATA 200
OK truncated
/ Frame 28BA 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f4f995c64f12a82b435dcfbafb061c05127a751eb5051460c82456de151a4ee4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame D2F7 1 KB
643 B 58ms
43ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9491495309229936&output=html&h=280&adk=3384979410&adf=4113124724&pi=t.aa~a.977465027~rp.4&w=370&fwrn=4&fwrnh=100&lmt=1686844847&rafmt=1&to=qs&pwprc=6110872385&format=370x280&url=https%3A%2F%2Fsham-store.shop%2Fnc-lawmakers-seek-to-strip-gov-cooper-of-power-to-appoint-members-to-dem-majority-election-board%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686848934373&bpp=1&bdt=2633&idt=-M&shv=r20230613&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x300%2C720x280%2C720x280&nras=4&correlator=8319186508196&frm=20&pv=1&ga_vid=2073141390.1686848933&ga_sid=1686848934&ga_hid=579987793&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1015&ady=1764&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31075067%2C31075307%2C44788442%2C44793499&oid=2&pvsid=2270913567180579&tmod=404543101&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=274Evdaf5G&p=https%3A//sham-store.shop&dtd=53

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 13683
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 15 Jun 2023 13:20:52 GMT
etag: 48472445140208031
expires: Fri, 16 Jun 2023 13:20:52 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 46CA 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f4a5ce65131fdd1239c1895342de01c49d4ad1a510c1af585dbfff0e31ee6c5e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 39FD
Redirect Chain

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEAoCirb9647ZFJSYd17Nihg&google_cver=1&google_push=ATf1kGNhoGVEai0qFbvuGGUntH87XQfo-XOIVz7d5OeB6tNuDWb-H9JDVj...
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ATf1kGNhoGVEai0qFbvuGGUntH87XQfo-XOIVz7d5OeB6tNuDWb-H9JDVjcfD9y7RvjbJnRCxJRIu_ob0ObGm3mv-Nvu1X-_rF0Tb_Y&google_hm=8BdmeMQJS...

170 B
188 B

101ms
95ms

Image
image/png

142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ATf1kGNhoGVEai0qFbvuGGUntH87XQfo-XOIVz7d5OeB6tNuDWb-H9JDVjcfD9y7RvjbJnRCxJRIu_ob0ObGm3mv-Nvu1X-_rF0Tb_Y&google_hm=8BdmeMQJSOiNWKirwS34Lw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9491495309229936&output=html&h=280&adk=2781885241&adf=2830067344&pi=t.aa~a.2021211784~i.13~rp.4&w=720&fwrn=4&fwrnh=100&lmt=1686844847&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6110872385&ad_type=text_image&format=720x280&url=https%3A%2F%2Fsham-store.shop%2Fnc-lawmakers-seek-to-strip-gov-cooper-of-power-to-appoint-members-to-dem-majority-election-board%2F&fwr=0&pra=3&rh=180&rw=720&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686848934310&bpp=1&bdt=2571&idt=1&shv=r20230613&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x300%2C720x280&nras=3&correlator=8319186508196&frm=20&pv=1&ga_vid=2073141390.1686848933&ga_sid=1686848934&ga_hid=579987793&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=246&ady=2428&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31075067%2C31075307%2C44788442%2C44793499&oid=2&pvsid=2270913567180579&tmod=404543101&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=ODk5yg2G6Q&p=https%3A//sham-store.shop&dtd=21

Protocol

Server

142.250.74.194 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Jun 2023 17:08:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ATf1kGNhoGVEai0qFbvuGGUntH87XQfo-XOIVz7d5OeB6tNuDWb-H9JDVjcfD9y7RvjbJnRCxJRIu_ob0ObGm3mv-Nvu1X-_rF0Tb_Y&google_hm=8BdmeMQJSOiNWKirwS34Lw
pragma: no-cache
date: Thu, 15 Jun 2023 17:08:55 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
strict-transport-security: max-age=86400
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 39FD
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEKdFmENVFjE31ly6HCEDzh0&google_cver=1&google_push=ATf1kGMC5x5KDt1AwWdBMyK8gaKPntqHOu0lF8sAqCKSnxeNeXSqY6vvp_NXIlrlWMyT7U6rFnp3s9iGjFlwCyJ5...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGMC5x5KDt1AwWdBMyK8gaKPntqHOu0lF8sAqCKSnxeNeXSqY6vvp_NXIlrlWMyT7U6rFnp3s9iGjFlwCyJ5U8HEeNYG2kM50Q

170 B
188 B

104ms
97ms

Image
image/png

142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGMC5x5KDt1AwWdBMyK8gaKPntqHOu0lF8sAqCKSnxeNeXSqY6vvp_NXIlrlWMyT7U6rFnp3s9iGjFlwCyJ5U8HEeNYG2kM50Q

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9491495309229936&output=html&h=280&adk=2781885241&adf=2830067344&pi=t.aa~a.2021211784~i.13~rp.4&w=720&fwrn=4&fwrnh=100&lmt=1686844847&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6110872385&ad_type=text_image&format=720x280&url=https%3A%2F%2Fsham-store.shop%2Fnc-lawmakers-seek-to-strip-gov-cooper-of-power-to-appoint-members-to-dem-majority-election-board%2F&fwr=0&pra=3&rh=180&rw=720&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686848934310&bpp=1&bdt=2571&idt=1&shv=r20230613&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x300%2C720x280&nras=3&correlator=8319186508196&frm=20&pv=1&ga_vid=2073141390.1686848933&ga_sid=1686848934&ga_hid=579987793&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=246&ady=2428&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31075067%2C31075307%2C44788442%2C44793499&oid=2&pvsid=2270913567180579&tmod=404543101&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=ODk5yg2G6Q&p=https%3A//sham-store.shop&dtd=21

Protocol

Server

142.250.74.194 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Jun 2023 17:08:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Thu, 15 Jun 2023 17:08:55 GMT
Server: MT3 1031 59fd23a master zrh zrh-pixel-x31 config_version:"1524"
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGMC5x5KDt1AwWdBMyK8gaKPntqHOu0lF8sAqCKSnxeNeXSqY6vvp_NXIlrlWMyT7U6rFnp3s9iGjFlwCyJ5U8HEeNYG2kM50Q
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Thu, 15 Jun 2023 17:08:54 GMT

GET
H2 204 pixelSync
pixel-sync.sitescout.com/dmp/ Frame 39FD 0
187 B 79ms
20ms Image
text/plain 98.98.134.242
ZEN-ECN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESENK3igEWGox7UPex-WauMCI&google_cver=1&google_push=ATf1kGM-a8hwaF_yshvN6K5Ki41t-Sfg_mcW_7xTuAxCsAH5Q-QkpwmfWrku89Z3Byf_-11whQlw5t-ICe8fsS9hz5pU9askBqvHnLo
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9491495309229936&output=html&h=280&adk=2781885241&adf=2830067344&pi=t.aa~a.2021211784~i.13~rp.4&w=720&fwrn=4&fwrnh=100&lmt=1686844847&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6110872385&ad_type=text_image&format=720x280&url=https%3A%2F%2Fsham-store.shop%2Fnc-lawmakers-seek-to-strip-gov-cooper-of-power-to-appoint-members-to-dem-majority-election-board%2F&fwr=0&pra=3&rh=180&rw=720&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686848934310&bpp=1&bdt=2571&idt=1&shv=r20230613&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x300%2C720x280&nras=3&correlator=8319186508196&frm=20&pv=1&ga_vid=2073141390.1686848933&ga_sid=1686848934&ga_hid=579987793&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=246&ady=2428&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31075067%2C31075307%2C44788442%2C44793499&oid=2&pvsid=2270913567180579&tmod=404543101&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=ODk5yg2G6Q&p=https%3A//sham-store.shop&dtd=21
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 98.98.134.242 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: A /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma: no-cache
date: Thu, 15 Jun 2023 17:08:54 GMT
cache-control: max-age=0,no-cache,no-store
server: A
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 39FD
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEJLGCrOpg3Q5juGH_n6YYQk&google_cver=1&google_push=ATf1kGNd6HBoekRGxdiAu28kSO-p1dVcCgjtvcT5u3RR8AAPBkBpC1QJpsVGCUYcbSw7_GahdBC511UAUoqEjzKBKmVbUv8...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGNd6HBoekRGxdiAu28kSO-p1dVcCgjtvcT5u3RR8AAPBkBpC1QJpsVGCUYcbSw7_GahdBC511UAUoqEjzKBKmVbUv8R9RX6mA&google_hm=eS1vQ3pEbnpSRTJwSHRW...

170 B
188 B

82ms
82ms

Image
image/png

142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGNd6HBoekRGxdiAu28kSO-p1dVcCgjtvcT5u3RR8AAPBkBpC1QJpsVGCUYcbSw7_GahdBC511UAUoqEjzKBKmVbUv8R9RX6mA&google_hm=eS1vQ3pEbnpSRTJwSHRWdDNMRk95bzdkMnhwOVBoS19rdH5B

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9491495309229936&output=html&h=280&adk=2781885241&adf=2830067344&pi=t.aa~a.2021211784~i.13~rp.4&w=720&fwrn=4&fwrnh=100&lmt=1686844847&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6110872385&ad_type=text_image&format=720x280&url=https%3A%2F%2Fsham-store.shop%2Fnc-lawmakers-seek-to-strip-gov-cooper-of-power-to-appoint-members-to-dem-majority-election-board%2F&fwr=0&pra=3&rh=180&rw=720&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686848934310&bpp=1&bdt=2571&idt=1&shv=r20230613&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x300%2C720x280&nras=3&correlator=8319186508196&frm=20&pv=1&ga_vid=2073141390.1686848933&ga_sid=1686848934&ga_hid=579987793&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=246&ady=2428&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31075067%2C31075307%2C44788442%2C44793499&oid=2&pvsid=2270913567180579&tmod=404543101&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=ODk5yg2G6Q&p=https%3A//sham-store.shop&dtd=21

Protocol

Server

142.250.74.194 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Jun 2023 17:08:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 15 Jun 2023 17:08:55 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGNd6HBoekRGxdiAu28kSO-p1dVcCgjtvcT5u3RR8AAPBkBpC1QJpsVGCUYcbSw7_GahdBC511UAUoqEjzKBKmVbUv8R9RX6mA&google_hm=eS1vQ3pEbnpSRTJwSHRWdDNMRk95bzdkMnhwOVBoS19rdH5B
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 39FD
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEB5qRtp3LvwyI40D-1FpBJY&google_cver=1&google_push=ATf1kGMZcmFfa_q3aymy9vOu_FqIyoNpdFNV7CE8F62KYk3aFtj_M8eZa7kfqEoObUpMHTxpH-9f0RMl...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEB5qRtp3LvwyI40D-1FpBJY&google_cver=1&google_push=ATf1kGMZcmFfa_q3aymy9vOu_FqIyoNpdFNV7CE8F62KYk3aFtj_M8eZa7kfqEoObUpMHTxpH-9...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzQ0MjQ4MTk4NDkyNjAzMTU1OQ&google_push=ATf1kGMZcmFfa_q3aymy9vOu_FqIyoNpdFNV7CE8F62KYk3aFtj_M8eZa7kfqEoObUpMHTxpH-9f0R...

170 B
188 B

51ms
46ms

Image
image/png

142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzQ0MjQ4MTk4NDkyNjAzMTU1OQ&google_push=ATf1kGMZcmFfa_q3aymy9vOu_FqIyoNpdFNV7CE8F62KYk3aFtj_M8eZa7kfqEoObUpMHTxpH-9f0RMlI-HHFqlfljsMWWdfq_GBj9A

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9491495309229936&output=html&h=280&adk=2781885241&adf=2830067344&pi=t.aa~a.2021211784~i.13~rp.4&w=720&fwrn=4&fwrnh=100&lmt=1686844847&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6110872385&ad_type=text_image&format=720x280&url=https%3A%2F%2Fsham-store.shop%2Fnc-lawmakers-seek-to-strip-gov-cooper-of-power-to-appoint-members-to-dem-majority-election-board%2F&fwr=0&pra=3&rh=180&rw=720&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686848934310&bpp=1&bdt=2571&idt=1&shv=r20230613&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x300%2C720x280&nras=3&correlator=8319186508196&frm=20&pv=1&ga_vid=2073141390.1686848933&ga_sid=1686848934&ga_hid=579987793&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=246&ady=2428&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31075067%2C31075307%2C44788442%2C44793499&oid=2&pvsid=2270913567180579&tmod=404543101&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=ODk5yg2G6Q&p=https%3A//sham-store.shop&dtd=21

Protocol

Server

142.250.74.194 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Jun 2023 17:08:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 15 Jun 2023 17:08:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzQ0MjQ4MTk4NDkyNjAzMTU1OQ&google_push=ATf1kGMZcmFfa_q3aymy9vOu_FqIyoNpdFNV7CE8F62KYk3aFtj_M8eZa7kfqEoObUpMHTxpH-9f0RMlI-HHFqlfljsMWWdfq_GBj9A
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 39FD
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESEB9sMxhg-1B2YvTQKw2DvhM&google_cver=1&google_push=ATf1kGOYTMIcnj-PC3TAJaq2_XfqwoZxOxrqGffxH-i7Ebsfvif6-8lk8TsjHy-9tDhZ1RYqyv3UKHs0-pijvVSz7eJpKsx...
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEB9sMxhg-1B2YvTQKw2DvhM&google_cver=1&google_push=ATf1kGOYTMIcnj-PC3TAJaq2_XfqwoZxOxrqGffxH-i7Ebsfvif6-8lk8TsjHy-9tDhZ1RYqyv3UKHs0-pijvVSz7eJpK...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ATf1kGOYTMIcnj-PC3TAJaq2_XfqwoZxOxrqGffxH-i7Ebsfvif6-8lk8TsjHy-9tDhZ1RYqyv3UKHs0-pijvVSz7eJpKsxbHytSFOw

170 B
188 B

47ms
46ms

Image
image/png

142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ATf1kGOYTMIcnj-PC3TAJaq2_XfqwoZxOxrqGffxH-i7Ebsfvif6-8lk8TsjHy-9tDhZ1RYqyv3UKHs0-pijvVSz7eJpKsxbHytSFOw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9491495309229936&output=html&h=280&adk=2781885241&adf=2830067344&pi=t.aa~a.2021211784~i.13~rp.4&w=720&fwrn=4&fwrnh=100&lmt=1686844847&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6110872385&ad_type=text_image&format=720x280&url=https%3A%2F%2Fsham-store.shop%2Fnc-lawmakers-seek-to-strip-gov-cooper-of-power-to-appoint-members-to-dem-majority-election-board%2F&fwr=0&pra=3&rh=180&rw=720&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686848934310&bpp=1&bdt=2571&idt=1&shv=r20230613&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x300%2C720x280&nras=3&correlator=8319186508196&frm=20&pv=1&ga_vid=2073141390.1686848933&ga_sid=1686848934&ga_hid=579987793&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=246&ady=2428&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31075067%2C31075307%2C44788442%2C44793499&oid=2&pvsid=2270913567180579&tmod=404543101&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=ODk5yg2G6Q&p=https%3A//sham-store.shop&dtd=21

Protocol

Server

142.250.74.194 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Jun 2023 17:08:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ATf1kGOYTMIcnj-PC3TAJaq2_XfqwoZxOxrqGffxH-i7Ebsfvif6-8lk8TsjHy-9tDhZ1RYqyv3UKHs0-pijvVSz7eJpKsxbHytSFOw
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2

200

report
sync.teads.tv/um/ Frame 39FD
Redirect Chain

https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEBmd0hBC_ROoiE65_OnVjH0&...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=ATf1kGM78yHOBojYsets1M25vqKbZvDSuFt7aW0wSofomf1kpNsO4yomft36exoqAqwPmU33f7cvBB09blD_EC75NRx67VE_lpfnqKY
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
165 B

32ms
30ms

Image
image/gif

2.16.97.41
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9491495309229936&output=html&h=280&adk=2781885241&adf=2830067344&pi=t.aa~a.2021211784~i.13~rp.4&w=720&fwrn=4&fwrnh=100&lmt=1686844847&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6110872385&ad_type=text_image&format=720x280&url=https%3A%2F%2Fsham-store.shop%2Fnc-lawmakers-seek-to-strip-gov-cooper-of-power-to-appoint-members-to-dem-majority-election-board%2F&fwr=0&pra=3&rh=180&rw=720&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686848934310&bpp=1&bdt=2571&idt=1&shv=r20230613&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x300%2C720x280&nras=3&correlator=8319186508196&frm=20&pv=1&ga_vid=2073141390.1686848933&ga_sid=1686848934&ga_hid=579987793&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=246&ady=2428&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31075067%2C31075307%2C44788442%2C44793499&oid=2&pvsid=2270913567180579&tmod=404543101&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=ODk5yg2G6Q&p=https%3A//sham-store.shop&dtd=21
Protocol: H2
Server: 2.16.97.41 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-16-97-41.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

expires: Thu, 15 Jun 2023 17:08:55 GMT
pragma: no-cache
date: Thu, 15 Jun 2023 17:08:55 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Thu, 15 Jun 2023 17:08:55 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 39FD 0
12 B 54ms
46ms Image
text/html 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KmhiIihc81-wtS1t71eyHX9UBsX3o56G7dkmfmV82vAuQSJBzfST0PvFSWL1xUwKltxR9fQQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9491495309229936&output=html&h=280&adk=2781885241&adf=2830067344&pi=t.aa~a.2021211784~i.13~rp.4&w=720&fwrn=4&fwrnh=100&lmt=1686844847&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6110872385&ad_type=text_image&format=720x280&url=https%3A%2F%2Fsham-store.shop%2Fnc-lawmakers-seek-to-strip-gov-cooper-of-power-to-appoint-members-to-dem-majority-election-board%2F&fwr=0&pra=3&rh=180&rw=720&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686848934310&bpp=1&bdt=2571&idt=1&shv=r20230613&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x300%2C720x280&nras=3&correlator=8319186508196&frm=20&pv=1&ga_vid=2073141390.1686848933&ga_sid=1686848934&ga_hid=579987793&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=246&ady=2428&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31075067%2C31075307%2C44788442%2C44793499&oid=2&pvsid=2270913567180579&tmod=404543101&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=ODk5yg2G6Q&p=https%3A//sham-store.shop&dtd=21

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 17:08:55 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 30DC 12 KB
6 KB 28ms
16ms Script
text/javascript 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 17:08:55 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 09 Jun 2024 17:08:55 GMT

GET
DATA 200
OK truncated
/ Frame 4111 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7f4b2081eb07f23a31d5eb525a027d6af4b79a75777a03b69013d2281432888c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 30DC 11 KB
11 KB 20ms
17ms Image
image/png 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

2af0c5e150b151b4e24db10de46e51ab10e749b7ab4205b097f439db04714e2d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 17:08:54 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
content-length: 11119
expires: Sun, 09 Jun 2024 08:37:09 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 30DC 210 KB
210 KB 21ms
19ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

26e0a4940a7118f9446572007b9ee9ad23d287e158067a252b5e27e702f69772

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 17:08:54 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
content-length: 215074
expires: Sun, 09 Jun 2024 08:40:34 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 30DC 199 KB
199 KB 20ms
18ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e794207b2db3baaa427ab4ef9c2a7a4bedce491a6d0edf11f3dbe91fdfea2536

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 17:08:54 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
content-length: 203700
expires: Sun, 09 Jun 2024 08:41:00 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 30DC 96 KB
96 KB 31ms
29ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

064cf7614522d49cc2c991efde6827b907e347e54cb74fd08b7480803fced02d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 17:08:55 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
content-length: 97864
expires: Sun, 09 Jun 2024 08:41:00 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 30DC 147 KB
148 KB 32ms
30ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

a71a6209be03d59358c3f459c15ab3dfb186812f12ee077cd621933a96400598

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 17:08:55 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
content-length: 150838
expires: Sun, 09 Jun 2024 08:41:00 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 30DC 0
127 B 20ms
15ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=shtW6LtWBcR_kwMk4OdFR-H1hwBEv8fj-JgIpkQnJRJtPkZMlsW7r7Uone4vTK5dz4piA1uIsVjOkDknv9cDA4XmgmXzzl_8XKXpaR-EeTmdesdoxiWZF9I7AgEdqme8HwF2lfPA7nVTVY-xg7xpeI6Nz50DKxhcCbiMa2wy-yAMODaEuMtFkCqqjAqPtcUBg-PcS5MOoDPtHa75KcKXwMyJ8MF59jeaxdSEvCiKpOrq1jmjvJ2s4jQs83fcGNuZ4_DjqA&sds=2&rev=87007&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 15 Jun 2023 17:08:54 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 30DC 2 KB
1 KB 21ms
16ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 17:08:55 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 09 Jun 2024 17:08:55 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 30DC 2 KB
1 KB 20ms
18ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 17:08:55 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 09 Jun 2024 17:08:55 GMT

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 070E 3 KB
4 KB 79ms
25ms Image
image/png 2606:4700:20::681a:61b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.42/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:61b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 17:08:55 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2344
x-guploader-uploadid: ADPycdu_bETbAO3L7E3ZwmLe8QxiVBASGCjfRAxwlm_tkXJYko3jNEaJxZb3LISJ1TPqVw-ds5Su5eyQQRqdQCYhbG3a5A
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 3262
last-modified: Tue, 21 Jun 2022 12:31:17 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
vary: Accept-Encoding
x-goog-generation: 1655814677405990
content-type: image/png
content-language: en
x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control: public, max-age=7200
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LMf8Fd28wjxZOcM3jMoxdlhSloAIsdDAPTunBAShE2Cg%2FRNjkL3xUbMbusaMbU0rAiyC9BRBEsSCkWGWXv0YS5G3U03noxT%2F2HD3%2BKXYSdN0puu9EiDezfrhW9DpW5V24k6GWWFcfPHAOCJI5MMoj6Kb"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 7d7c6af84b0d3636-FRA
expires: Thu, 15 Jun 2023 17:09:33 GMT

GET
H3 200 frame.html Show response
ad4m.at/ Frame 30E9 2 KB
1 KB 23ms
23ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 247399
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 7d7c6af81ad46939-FRA
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Thu, 15 Jun 2023 17:08:55 GMT
expires: Thu, 08 Jun 2023 00:41:56 GMT
last-modified: Thu, 25 Aug 2022 14:12:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uFWov%2FbWnh23ADVbMa6fBW%2FzGv4a1v9E7%2FYWmJ0lpaF4Mw4FZVeEx48dJRVbHDY%2BVJrtFW3IruTnsbYgvreZ68s7VSusp%2FzZ%2B%2BQIfEtdmuKfCVHU8bhcIPAx5XmYBOPNoBsVpVc%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D2F7
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESENEOqftSdTitNvYm7DnPKp0&google_push=ATf1kGN31fKofDg2EuWsgRJQBWzdXFTMOnTVkP_JoywqAwPOdBZtrIXCAk...

170 B
188 B

54ms
53ms

Image
image/png

142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESENEOqftSdTitNvYm7DnPKp0&google_push=ATf1kGN31fKofDg2EuWsgRJQBWzdXFTMOnTVkP_JoywqAwPOdBZtrIXCAkwGSEpg-870RXjAa4fLPw3NVOwQ1zy5n4PPkVZ3taLylDs

Protocol

Server

142.250.74.194 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Jun 2023 17:08:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-fra-eddf8230077-FRA
pragma: no-cache
date: Thu, 15 Jun 2023 17:08:55 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1686848936.742493,VS0,VE95
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESENEOqftSdTitNvYm7DnPKp0&google_push=ATf1kGN31fKofDg2EuWsgRJQBWzdXFTMOnTVkP_JoywqAwPOdBZtrIXCAkwGSEpg-870RXjAa4fLPw3NVOwQ1zy5n4PPkVZ3taLylDs
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D2F7
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESENa8GaYOVmStxT5tHpSLw5I&google_cver=1&google_push=ATf1kGNKx3RuPYVbrgqGtCKXog2GVZzpiZAAPcejQyHHUU-6-g_JuDzGjlMrNbxGtBbAxArummPyBdpUva0mcVS0kH4uWc-5CrQSlo0
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=6F41917FE21247A5A27EA049D8E18DA0&google_push=ATf1kGNKx3RuPYVbrgqGtCKXog2GVZzpiZAAPcejQyHHUU-6-g_JuDzGjlMrNbxGtBbAxArummPyBdpUva0mcVS...

170 B
188 B

59ms
58ms

Image
image/png

142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=6F41917FE21247A5A27EA049D8E18DA0&google_push=ATf1kGNKx3RuPYVbrgqGtCKXog2GVZzpiZAAPcejQyHHUU-6-g_JuDzGjlMrNbxGtBbAxArummPyBdpUva0mcVS0kH4uWc-5CrQSlo0

Requested by

Host: sham-store.shop
URL: https://sham-store.shop/nc-lawmakers-seek-to-strip-gov-cooper-of-power-to-appoint-members-to-dem-majority-election-board/

Protocol

Server

142.250.74.194 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Jun 2023 17:08:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 15 Jun 2023 17:08:55 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=6F41917FE21247A5A27EA049D8E18DA0&google_push=ATf1kGNKx3RuPYVbrgqGtCKXog2GVZzpiZAAPcejQyHHUU-6-g_JuDzGjlMrNbxGtBbAxArummPyBdpUva0mcVS0kH4uWc-5CrQSlo0
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Wed, 14 Jun 2023 17:08:55 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D2F7
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEAP6rcxkij1S7r8WpUuS6oA&google_cver=1&google_push=ATf1kGPF489bAq8Gbqr8eKiTvWLH3sQ4uRQxerw3ql8xtQONWuqSEysBlDALwlDAvI5bHIxICxe7GzEpDvkaemmN...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=70SU3NTkTw21bb9ir_AVKA2&google_push=ATf1kGPF489bAq8Gbqr8eKiTvWLH3sQ4uRQxerw3ql8xtQONWuqSEysBlDALwlDAvI5bHIxICxe7GzEpDvkaemmN_9R_l85Ud8cU9o4

170 B
188 B

53ms
53ms

Image
image/png

142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=70SU3NTkTw21bb9ir_AVKA2&google_push=ATf1kGPF489bAq8Gbqr8eKiTvWLH3sQ4uRQxerw3ql8xtQONWuqSEysBlDALwlDAvI5bHIxICxe7GzEpDvkaemmN_9R_l85Ud8cU9o4

Requested by

Host: sham-store.shop
URL: https://sham-store.shop/nc-lawmakers-seek-to-strip-gov-cooper-of-power-to-appoint-members-to-dem-majority-election-board/

Protocol

Server

142.250.74.194 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Jun 2023 17:08:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 15 Jun 2023 17:08:55 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=70SU3NTkTw21bb9ir_AVKA2&google_push=ATf1kGPF489bAq8Gbqr8eKiTvWLH3sQ4uRQxerw3ql8xtQONWuqSEysBlDALwlDAvI5bHIxICxe7GzEpDvkaemmN_9R_l85Ud8cU9o4
x-host: tde-deliveryengine-production-768c8bf7ff-n6fcc
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D2F7
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEB5qRtp3LvwyI40D-1FpBJY&google_cver=1&google_push=ATf1kGNUEqvADT7lUm1KV97adldWY0XDywknhf5UUSlDYgDmuxh0P3XyZSnrIttfrDEhn5Jjcpr30PFI...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODY0MDQxMTgzMTY2OTIwMzAwMw&google_push=ATf1kGNUEqvADT7lUm1KV97adldWY0XDywknhf5UUSlDYgDmuxh0P3XyZSnrIttfrDEhn5Jjcpr30P...

170 B
188 B

49ms
48ms

Image
image/png

142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODY0MDQxMTgzMTY2OTIwMzAwMw&google_push=ATf1kGNUEqvADT7lUm1KV97adldWY0XDywknhf5UUSlDYgDmuxh0P3XyZSnrIttfrDEhn5Jjcpr30PFI-pG8D8VsnTSinSCi_0q7FXk

Requested by

Host: sham-store.shop
URL: https://sham-store.shop/nc-lawmakers-seek-to-strip-gov-cooper-of-power-to-appoint-members-to-dem-majority-election-board/

Protocol

Server

142.250.74.194 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Jun 2023 17:08:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 15 Jun 2023 17:08:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODY0MDQxMTgzMTY2OTIwMzAwMw&google_push=ATf1kGNUEqvADT7lUm1KV97adldWY0XDywknhf5UUSlDYgDmuxh0P3XyZSnrIttfrDEhn5Jjcpr30PFI-pG8D8VsnTSinSCi_0q7FXk
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D2F7
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEB5qRtp3LvwyI40D-1FpBJY&google_cver=1&google_push=ATf1kGOjS-kwmqJoC9dNEmj69te9q3yB89mwXfuq7-vHwa67q4dCq5wtyWNMIdJnltMoHpPjNuWbUPdy...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODY0MDQxMTgzMTY2OTIwMzAwMw&google_push=ATf1kGOjS-kwmqJoC9dNEmj69te9q3yB89mwXfuq7-vHwa67q4dCq5wtyWNMIdJnltMoHpPjNuWbUP...

170 B
188 B

47ms
47ms

Image
image/png

142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODY0MDQxMTgzMTY2OTIwMzAwMw&google_push=ATf1kGOjS-kwmqJoC9dNEmj69te9q3yB89mwXfuq7-vHwa67q4dCq5wtyWNMIdJnltMoHpPjNuWbUPdydHWKD_bd47QLgr8x2pivJg

Requested by

Host: sham-store.shop
URL: https://sham-store.shop/nc-lawmakers-seek-to-strip-gov-cooper-of-power-to-appoint-members-to-dem-majority-election-board/

Protocol

Server

142.250.74.194 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Jun 2023 17:08:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 15 Jun 2023 17:08:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODY0MDQxMTgzMTY2OTIwMzAwMw&google_push=ATf1kGOjS-kwmqJoC9dNEmj69te9q3yB89mwXfuq7-vHwa67q4dCq5wtyWNMIdJnltMoHpPjNuWbUPdydHWKD_bd47QLgr8x2pivJg
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 trk
ag.innovid.com/ Frame D2F7 43 B
298 B 173ms
23ms Image
image/gif 2a05:d01c:1d8:8102:93c2:afdd:6b38:a325
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/trk?tid=11711&google_gid=CAESECbpsoK6aSLIhWD1voWV-qE&google_cver=1&google_push=ATf1kGOGp8k8VU-ryBAxlJrZ-NG0ENzH_5b5WZgRPOkVr_Nsx0xZqJ4sXYtbwAfSb2NExMcVXh7x3qrLmsU1nMovx90mDmoZ-GLDj5U
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9491495309229936&output=html&h=280&adk=3384979410&adf=4113124724&pi=t.aa~a.977465027~rp.4&w=370&fwrn=4&fwrnh=100&lmt=1686844847&rafmt=1&to=qs&pwprc=6110872385&format=370x280&url=https%3A%2F%2Fsham-store.shop%2Fnc-lawmakers-seek-to-strip-gov-cooper-of-power-to-appoint-members-to-dem-majority-election-board%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686848934373&bpp=1&bdt=2633&idt=-M&shv=r20230613&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x300%2C720x280%2C720x280&nras=4&correlator=8319186508196&frm=20&pv=1&ga_vid=2073141390.1686848933&ga_sid=1686848934&ga_hid=579987793&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1015&ady=1764&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31075067%2C31075307%2C44788442%2C44793499&oid=2&pvsid=2270913567180579&tmod=404543101&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=274Evdaf5G&p=https%3A//sham-store.shop&dtd=53
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d01c:1d8:8102:93c2:afdd:6b38:a325 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 15 Jun 2023 17:08:55 GMT
cache-control: no-cache
content-length: 43
request-time: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D2F7
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEBbEDJPeqcPJuWlAP5714RM&google_cver=1&google_push=ATf1kGNMiKrshxLv3qCVTifqvN8-1P-vD-dob-2-IW2vgWjFbW4vPEWXUw33PIWhWS3jBzXEBZvTOBOscUAq...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGNMiKrshxLv3qCVTifqvN8-1P-vD-dob-2-IW2vgWjFbW4vPEWXUw33PIWhWS3jBzXEBZvTOBOscUAquqEFo_saqoAzhvnLt5k

170 B
188 B

47ms
46ms

Image
image/png

142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGNMiKrshxLv3qCVTifqvN8-1P-vD-dob-2-IW2vgWjFbW4vPEWXUw33PIWhWS3jBzXEBZvTOBOscUAquqEFo_saqoAzhvnLt5k

Requested by

Host: sham-store.shop
URL: https://sham-store.shop/nc-lawmakers-seek-to-strip-gov-cooper-of-power-to-appoint-members-to-dem-majority-election-board/

Protocol

Server

142.250.74.194 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Jun 2023 17:08:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGNMiKrshxLv3qCVTifqvN8-1P-vD-dob-2-IW2vgWjFbW4vPEWXUw33PIWhWS3jBzXEBZvTOBOscUAquqEFo_saqoAzhvnLt5k
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame D2F7 0
12 B 56ms
52ms Image
text/html 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KSRja8cxxA8KIz7qcIK0lMrCstsH8IE-cQu3CtxAb-A-lZwie5RogPwlgxbqXQJYeIY-Na

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9491495309229936&output=html&h=280&adk=3384979410&adf=4113124724&pi=t.aa~a.977465027~rp.4&w=370&fwrn=4&fwrnh=100&lmt=1686844847&rafmt=1&to=qs&pwprc=6110872385&format=370x280&url=https%3A%2F%2Fsham-store.shop%2Fnc-lawmakers-seek-to-strip-gov-cooper-of-power-to-appoint-members-to-dem-majority-election-board%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686848934373&bpp=1&bdt=2633&idt=-M&shv=r20230613&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x300%2C720x280%2C720x280&nras=4&correlator=8319186508196&frm=20&pv=1&ga_vid=2073141390.1686848933&ga_sid=1686848934&ga_hid=579987793&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1015&ady=1764&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31075067%2C31075307%2C44788442%2C44793499&oid=2&pvsid=2270913567180579&tmod=404543101&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=274Evdaf5G&p=https%3A//sham-store.shop&dtd=53

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 17:08:55 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 46CA 0
19 B 83ms
79ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CYtunpkWLZLWrFsqN1fAPx8meyAfJntKxXL2Ol_dwwI23ARABIABgleKQgqAHggEXY2EtcHViLTk0OTE0OTUzMDkyMjk5MzbIAQmpAvENXVuMMLI-qAMBqgTKAk_Qo8KFLlMLO9j5wwvzKiHv1XP-ej7BoX7qrwFufknxewB8HcM3rwYmXOqDIvK4CoYSOkHWbt8B7d_mQXceYgMf9dyjUeQR27wUCdwkYwLhRLH_bXizNSPJIzEk2NQIN_NwmZ8zOLYLpN1LBFI6t7L33wiBY2Lwe4zS3J4tjLo3JAXnP0ZR6CvwtnXyJE3OkOlUbTqVVw2Bof4xWAXIrScyiOtyPFRGNninpvm6dn3Th6Sm6Kg6xlakBVUShuLKFjnI7AFs-KYN4to2_wIB8TWgD8W8lhVCZxiiHHEhTdSDffHdJSpzUTb8U77nYLgqJ__IFJOd9_Wz9grOjQ8HyJuMFwyJjzfDIOusi9HOsT4hrfnn8mttOeObQ2Nk2PwVS8Uxhpv60pnsNzpM0C5gq6w8vLNYbTpdv60rhNC15gaSMlvhb32ZZQaQdIAG_cimh-TIuoC7AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgECACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItOTQ5MTQ5NTMwOTIyOTkzNhgA&sigh=RKxSXDHqq84&uach_m=[UACH]&cid=CAQSKQBygQiDJaW8L-N9YR4IzziVrLRkJe-EfkbnaiTrBEBiMeWxcFgBF26TGAE&cbvp=2&vis=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9491495309229936&output=html&h=280&adk=2781885241&adf=2830067344&pi=t.aa~a.2021211784~i.13~rp.4&w=720&fwrn=4&fwrnh=100&lmt=1686844847&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6110872385&ad_type=text_image&format=720x280&url=https%3A%2F%2Fsham-store.shop%2Fnc-lawmakers-seek-to-strip-gov-cooper-of-power-to-appoint-members-to-dem-majority-election-board%2F&fwr=0&pra=3&rh=180&rw=720&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686848934310&bpp=1&bdt=2571&idt=1&shv=r20230613&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x300%2C720x280&nras=3&correlator=8319186508196&frm=20&pv=1&ga_vid=2073141390.1686848933&ga_sid=1686848934&ga_hid=579987793&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=246&ady=2428&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31075067%2C31075307%2C44788442%2C44793499&oid=2&pvsid=2270913567180579&tmod=404543101&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=ODk5yg2G6Q&p=https%3A//sham-store.shop&dtd=21

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9491495309229936&output=html&h=280&adk=2781885241&adf=2830067344&pi=t.aa~a.2021211784~i.13~rp.4&w=720&fwrn=4&fwrnh=100&lmt=1686844847&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6110872385&ad_type=text_image&format=720x280&url=https%3A%2F%2Fsham-store.shop%2Fnc-lawmakers-seek-to-strip-gov-cooper-of-power-to-appoint-members-to-dem-majority-election-board%2F&fwr=0&pra=3&rh=180&rw=720&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686848934310&bpp=1&bdt=2571&idt=1&shv=r20230613&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x300%2C720x280&nras=3&correlator=8319186508196&frm=20&pv=1&ga_vid=2073141390.1686848933&ga_sid=1686848934&ga_hid=579987793&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=246&ady=2428&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31075067%2C31075307%2C44788442%2C44793499&oid=2&pvsid=2270913567180579&tmod=404543101&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=ODk5yg2G6Q&p=https%3A//sham-store.shop&dtd=21
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 15 Jun 2023 17:08:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 notify
rtb.fr3.eu.criteo.com/google/auction/ Frame 46CA 0
125 B 24ms
19ms Image
text/plain 2a02:2638:d::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtb.fr3.eu.criteo.com/google/auction/notify?profile=14&payload=kNulF8z6RNAFmAKdg2ICAgAAAOZNsAEIyQQMEKZFi2RwCpSo6B934OL0AAASAAAKCkFRVUJEd0VCRHc&wp=ZItFpgAFlbUIFUbKAAekx7mQnbrTCYG0kO4c6g&cbvp=2

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9491495309229936&output=html&h=280&adk=2781885241&adf=2830067344&pi=t.aa~a.2021211784~i.13~rp.4&w=720&fwrn=4&fwrnh=100&lmt=1686844847&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6110872385&ad_type=text_image&format=720x280&url=https%3A%2F%2Fsham-store.shop%2Fnc-lawmakers-seek-to-strip-gov-cooper-of-power-to-appoint-members-to-dem-majority-election-board%2F&fwr=0&pra=3&rh=180&rw=720&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686848934310&bpp=1&bdt=2571&idt=1&shv=r20230613&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x300%2C720x280&nras=3&correlator=8319186508196&frm=20&pv=1&ga_vid=2073141390.1686848933&ga_sid=1686848934&ga_hid=579987793&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=246&ady=2428&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31075067%2C31075307%2C44788442%2C44793499&oid=2&pvsid=2270913567180579&tmod=404543101&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=ODk5yg2G6Q&p=https%3A//sham-store.shop&dtd=21

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 17:08:55 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 205556
server: Kestrel
content-length: 0

POST
H3 200 rs Show response
ad4m.at/ Frame 070E 2 KB
2 KB 46ms
44ms XHR
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb17860e7130937384b4fb3300a595529da9853a83750312e7952a73383ca560

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 15 Jun 2023 17:08:55 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UG%2FCUDq2mfm%2B2JvF%2BRTnUX4nlULE%2F%2FD5WZYzYe4VPUHaHhBX3Qz4YV3ZN8ohekDcHpRlBy36DZJwCBg9FeXWfhsIyc8ZDd8lCOivIzun6%2FecMTKDk8q5TjjQdDYsPvXp0vmtbOg%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 7d7c6af8cfab35ee-FRA
x-backend-server: aa-reachservice-group-europe-west1-3zc0
alt-svc: h3=":443"; ma=86400

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 37ms
25ms Preflight
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7d7c6af89f7e35ee-FRA
content-length: 24
content-type: text/plain
date: Thu, 15 Jun 2023 17:08:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RDczhJZce2j032uqBYnfVTdeykBeQNaNABaYRMi9JM9Km31%2F5pkoUcX4VQiLRwoJVQZQWcMDxuX4SfH2AIV0G2eswM5lEhU1y5TkFClR3L4NxTVJWlcVHbe8L%2Bw%2Fm%2BTZuVUbjBg%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-3zc0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 91ms
89ms XHR
application/json 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230613&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

65fbca61d1918db0ec685ca0369a1b83d555c83c51e729d5359a015649283d6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sham-store.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 17:08:55 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11185
x-xss-protection: 0

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame 8E9B 9 KB
4 KB 36ms
34ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=117569%2C192347%2C15573&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2CRpwtgfQfG9j4UkHwH3tQtddDa9SzTYY4SB39k%2CG1rtBfpfVz7cKHeHGtPtdwJHZSYTJJkCQV5M&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CQJga4fjfPr2ghxH5HYt9CZZWS6S4TGGESEz91%2CVb8twfmfRKbSVHbHAtXC4bmHBSzTggWuDJ7x&c=300&d=250&e=&g=a09da2b19851e393948fce9855bbb560%2F10899204150181853040&i=29981%2C20774%2C26474&j=16%2C14%2C41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1686848935831&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g8gfnq1vp2cqse166pasf3fz66qxzegd17a0nwwf9wbbn7y0464trpa1t1bz2c8em8y2ge2jzy3bv1dy13hxnrb7azxhdkwb236ersxkv4wz794bydcwwpc8m7pbp63nbtsn22t58tqjrx9zjfn4eeqfbtz6dbqgjkdkqrtfejsnqfzxrcxyqkmr7f7x9z2knt6bstez12998mx4gw1bk2vqcw5rzf4z0cza6z95de7exsywr059fax7bkjp95thzgjg1v0wmxwkaq970y90www%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCiBQtpkWLZNTXIKSio9kPsrOAyA2Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi05NDkxNDk1MzA5MjI5OTM2yAEJqQLxDV1bjDCyPqgDAaoEqQJP0D2RvJSABGTnkb-LtXbxn3xt1l9ZwH41ShS617bamQSHK0G7MF6gYyAn-WSoFDSz7CQS0fU6XWZ3TnIdVMcaUhHDYthG8rx3LT6v3TYM6JWI4CcLX0-3EsrWT-DTa3kT5909paaO42Uw2a1beruSeALaosloJv8gbm7Ga9vd72yXICk9zC4cff4vZgHCgYVTWjTnUmiblh9V0RWd1kRvfH2_z0IP6n8t5OX0BrB9lH6pvZ9Hk9f9N-2bZZ0Qq-T49DM8AEi2z8hs7AT82vDB24oxXPeofSJf6CZDsUIyLocmL__-qkGq9g9S7u0zSf-bkJ8ZnOM4fykREiY3q2ze4A4XrmkWrlVDM4ftVSik3ZhVbOkPDfmEPT4TZx9sTVGLQl_PnNSHC82ABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2FX3c_3M7rrPC8NKtA4Y11wBFiog%2526client%253Dca-pub-9491495309229936%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d43dd4a38df6a80e592b8b349c51f1f9fa718e9f91da755b98e7acc19ce86aeb

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-src ;img-src data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1jnsbddp9qshcdhhcdqe503ys7vj0efr8caxtkz5jeqykmgfvqtfbahe8pr76z0kjfegf1sqf8xx3bhkjpcy8qmy7zj6xdbt13f90mevcgw4v8n05483yp9jq55q9r8kkyhsfrpgbydqvr1y0wsxan1d2wqvq67kh61tph5k54rwemwpezas2ncj0baedxmrqpkry6n8c4wfb33v83avbyrn3dat6waj9xnqdscjkej72vxegy2650b38awrdyxv978zrhkmmdbcshafvxfdy0s1zjmmcttrdtvjkymne7y6ppt0h1epxr36bxpc84pzw9235hztkvavhxb6ddgwmczyv2h9a4tvhhq3ptj7zt1grda83hdm6yr2yxvackkga8pzd0td8bv0707wyqg0qms3cq0xaqx9t8pxzn1wndmczmjvww9k0t8653etede0dnwyhccq6g&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCiBQtpkWLZNTXIKSio9kPsrOAyA2Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi05NDkxNDk1MzA5MjI5OTM2yAEJqQLxDV1bjDCyPqgDAaoEqQJP0D2RvJSABGTnkb-LtXbxn3xt1l9ZwH41ShS617bamQSHK0G7MF6gYyAn-WSoFDSz7CQS0fU6XWZ3TnIdVMcaUhHDYthG8rx3LT6v3TYM6JWI4CcLX0-3EsrWT-DTa3kT5909paaO42Uw2a1beruSeALaosloJv8gbm7Ga9vd72yXICk9zC4cff4vZgHCgYVTWjTnUmiblh9V0RWd1kRvfH2_z0IP6n8t5OX0BrB9lH6pvZ9Hk9f9N-2bZZ0Qq-T49DM8AEi2z8hs7AT82vDB24oxXPeofSJf6CZDsUIyLocmL__-qkGq9g9S7u0zSf-bkJ8ZnOM4fykREiY3q2ze4A4XrmkWrlVDM4ftVSik3ZhVbOkPDfmEPT4TZx9sTVGLQl_PnNSHC82ABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2FX3c_3M7rrPC8NKtA4Y11wBFiog%26client%3Dca-pub-9491495309229936%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7d7c6af93c666939-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Thu, 15 Jun 2023 17:08:55 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 81ms
80ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sham-store.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 17:08:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 15 Jun 2023 17:08:55 GMT

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.42/one-ad/ Frame 8E9B 106 KB
13 KB 20ms
19ms Stylesheet
text/css 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.42/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C192347%2C15573&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2CRpwtgfQfG9j4UkHwH3tQtddDa9SzTYY4SB39k%2CG1rtBfpfVz7cKHeHGtPtdwJHZSYTJJkCQV5M&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CQJga4fjfPr2ghxH5HYt9CZZWS6S4TGGESEz91%2CVb8twfmfRKbSVHbHAtXC4bmHBSzTggWuDJ7x&c=300&d=250&e=&g=a09da2b19851e393948fce9855bbb560%2F10899204150181853040&i=29981%2C20774%2C26474&j=16%2C14%2C41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1686848935831&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g8gfnq1vp2cqse166pasf3fz66qxzegd17a0nwwf9wbbn7y0464trpa1t1bz2c8em8y2ge2jzy3bv1dy13hxnrb7azxhdkwb236ersxkv4wz794bydcwwpc8m7pbp63nbtsn22t58tqjrx9zjfn4eeqfbtz6dbqgjkdkqrtfejsnqfzxrcxyqkmr7f7x9z2knt6bstez12998mx4gw1bk2vqcw5rzf4z0cza6z95de7exsywr059fax7bkjp95thzgjg1v0wmxwkaq970y90www%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCiBQtpkWLZNTXIKSio9kPsrOAyA2Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi05NDkxNDk1MzA5MjI5OTM2yAEJqQLxDV1bjDCyPqgDAaoEqQJP0D2RvJSABGTnkb-LtXbxn3xt1l9ZwH41ShS617bamQSHK0G7MF6gYyAn-WSoFDSz7CQS0fU6XWZ3TnIdVMcaUhHDYthG8rx3LT6v3TYM6JWI4CcLX0-3EsrWT-DTa3kT5909paaO42Uw2a1beruSeALaosloJv8gbm7Ga9vd72yXICk9zC4cff4vZgHCgYVTWjTnUmiblh9V0RWd1kRvfH2_z0IP6n8t5OX0BrB9lH6pvZ9Hk9f9N-2bZZ0Qq-T49DM8AEi2z8hs7AT82vDB24oxXPeofSJf6CZDsUIyLocmL__-qkGq9g9S7u0zSf-bkJ8ZnOM4fykREiY3q2ze4A4XrmkWrlVDM4ftVSik3ZhVbOkPDfmEPT4TZx9sTVGLQl_PnNSHC82ABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2FX3c_3M7rrPC8NKtA4Y11wBFiog%2526client%253Dca-pub-9491495309229936%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3dbe73a90f1370d3bdefdeb5ccca6a4f3c6edb2bc1b06c47b7e5ae2457bc58ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=117569%2C192347%2C15573&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2CRpwtgfQfG9j4UkHwH3tQtddDa9SzTYY4SB39k%2CG1rtBfpfVz7cKHeHGtPtdwJHZSYTJJkCQV5M&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CQJga4fjfPr2ghxH5HYt9CZZWS6S4TGGESEz91%2CVb8twfmfRKbSVHbHAtXC4bmHBSzTggWuDJ7x&c=300&d=250&e=&g=a09da2b19851e393948fce9855bbb560%2F10899204150181853040&i=29981%2C20774%2C26474&j=16%2C14%2C41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1686848935831&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g8gfnq1vp2cqse166pasf3fz66qxzegd17a0nwwf9wbbn7y0464trpa1t1bz2c8em8y2ge2jzy3bv1dy13hxnrb7azxhdkwb236ersxkv4wz794bydcwwpc8m7pbp63nbtsn22t58tqjrx9zjfn4eeqfbtz6dbqgjkdkqrtfejsnqfzxrcxyqkmr7f7x9z2knt6bstez12998mx4gw1bk2vqcw5rzf4z0cza6z95de7exsywr059fax7bkjp95thzgjg1v0wmxwkaq970y90www%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCiBQtpkWLZNTXIKSio9kPsrOAyA2Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi05NDkxNDk1MzA5MjI5OTM2yAEJqQLxDV1bjDCyPqgDAaoEqQJP0D2RvJSABGTnkb-LtXbxn3xt1l9ZwH41ShS617bamQSHK0G7MF6gYyAn-WSoFDSz7CQS0fU6XWZ3TnIdVMcaUhHDYthG8rx3LT6v3TYM6JWI4CcLX0-3EsrWT-DTa3kT5909paaO42Uw2a1beruSeALaosloJv8gbm7Ga9vd72yXICk9zC4cff4vZgHCgYVTWjTnUmiblh9V0RWd1kRvfH2_z0IP6n8t5OX0BrB9lH6pvZ9Hk9f9N-2bZZ0Qq-T49DM8AEi2z8hs7AT82vDB24oxXPeofSJf6CZDsUIyLocmL__-qkGq9g9S7u0zSf-bkJ8ZnOM4fykREiY3q2ze4A4XrmkWrlVDM4ftVSik3ZhVbOkPDfmEPT4TZx9sTVGLQl_PnNSHC82ABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2FX3c_3M7rrPC8NKtA4Y11wBFiog%2526client%253Dca-pub-9491495309229936%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 17:08:55 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1686312358
age: 536270
cf-polished: origSize=108907
x-guploader-uploadid: ADPycds4BaPB2cnNKfGCpO0DHbi1YsFTcCTGXC9fJnH_NboEzcGfHcnLXlcIvq2iasQ1ZmCVOJqaFT1yvUfFyfqQRQlEfuWooABE
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 09 Jun 2023 12:06:25 GMT
server: cloudflare
etag: W/"913a188acf4937267d989357edafdccf"
vary: Accept-Encoding
x-goog-generation: 1686312385390155
content-type: text/css
x-goog-hash: crc32c=+kWf1Q==, md5=kToYis9JNyZ9mJNX7a/czw==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xuOY%2BX81XZ7b6HhYKiSn4LY8t3oGZFcsOlq2OsGzwl1WRx%2F%2BAHqbB%2BRC971JhxqjBNIKXZNR4vaQmwE2pAHmlEvtVU%2FHRNu4Aj5wDmvaRt%2FLn62QtWC6ykuGxfzhXO8ScybBAtoFFtw%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 108907
cf-ray: 7d7c6af97cc36939-FRA
expires: Thu, 15 Jun 2023 18:08:55 GMT

GET
H2 200 A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
assets.ad4m.at/logo/ Frame 8E9B 2 KB
3 KB 63ms
33ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C192347%2C15573&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2CRpwtgfQfG9j4UkHwH3tQtddDa9SzTYY4SB39k%2CG1rtBfpfVz7cKHeHGtPtdwJHZSYTJJkCQV5M&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CQJga4fjfPr2ghxH5HYt9CZZWS6S4TGGESEz91%2CVb8twfmfRKbSVHbHAtXC4bmHBSzTggWuDJ7x&c=300&d=250&e=&g=a09da2b19851e393948fce9855bbb560%2F10899204150181853040&i=29981%2C20774%2C26474&j=16%2C14%2C41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1686848935831&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g8gfnq1vp2cqse166pasf3fz66qxzegd17a0nwwf9wbbn7y0464trpa1t1bz2c8em8y2ge2jzy3bv1dy13hxnrb7azxhdkwb236ersxkv4wz794bydcwwpc8m7pbp63nbtsn22t58tqjrx9zjfn4eeqfbtz6dbqgjkdkqrtfejsnqfzxrcxyqkmr7f7x9z2knt6bstez12998mx4gw1bk2vqcw5rzf4z0cza6z95de7exsywr059fax7bkjp95thzgjg1v0wmxwkaq970y90www%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCiBQtpkWLZNTXIKSio9kPsrOAyA2Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi05NDkxNDk1MzA5MjI5OTM2yAEJqQLxDV1bjDCyPqgDAaoEqQJP0D2RvJSABGTnkb-LtXbxn3xt1l9ZwH41ShS617bamQSHK0G7MF6gYyAn-WSoFDSz7CQS0fU6XWZ3TnIdVMcaUhHDYthG8rx3LT6v3TYM6JWI4CcLX0-3EsrWT-DTa3kT5909paaO42Uw2a1beruSeALaosloJv8gbm7Ga9vd72yXICk9zC4cff4vZgHCgYVTWjTnUmiblh9V0RWd1kRvfH2_z0IP6n8t5OX0BrB9lH6pvZ9Hk9f9N-2bZZ0Qq-T49DM8AEi2z8hs7AT82vDB24oxXPeofSJf6CZDsUIyLocmL__-qkGq9g9S7u0zSf-bkJ8ZnOM4fykREiY3q2ze4A4XrmkWrlVDM4ftVSik3ZhVbOkPDfmEPT4TZx9sTVGLQl_PnNSHC82ABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2FX3c_3M7rrPC8NKtA4Y11wBFiog%2526client%253Dca-pub-9491495309229936%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: af7a66542220ecfb2b8fa0286b60ffa95c1c8047df094654a90e1ff75f848ef5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 17:08:55 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 418738
cf-polished: origFmt=png, origSize=9357
alt-svc: h3=":443"; ma=86400
content-length: 2330
cf-bgj: imgq:85,h2pri
last-modified: Thu, 08 Apr 2021 14:26:03 GMT
server: cloudflare
etag: "8cc161b392f5744da5319a4da549b763"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F1tnohZCD%2BeBzVZiSZv3zt3rY%2FyCvpMrDAqHCoy9P1UheHBZSF9SLvuiUEP%2B2ZwaIRCQX821Gf6Xk827IiP7I8DPmaFPKkee190mGj44IUD5p6RM5HrEkikPZKoy0nke3yesfapfKeuLCmiK"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7d7c6af9bd179034-FRA
expires: Fri, 16 Jun 2023 17:08:55 GMT

GET
H2 200 B0EFBB0208E9EF8D30A7C89B72C086F1DD36F5D7A5F0A9551729DDFC67E85BCDECDB196EB4EAB3FEC6BC55A4A1442682559F8312D8959CED1C6B0F52B22CF45C
assets.ad4m.at/product_image/ Frame 8E9B 339 KB
340 KB 54ms
32ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/B0EFBB0208E9EF8D30A7C89B72C086F1DD36F5D7A5F0A9551729DDFC67E85BCDECDB196EB4EAB3FEC6BC55A4A1442682559F8312D8959CED1C6B0F52B22CF45C
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C192347%2C15573&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2CRpwtgfQfG9j4UkHwH3tQtddDa9SzTYY4SB39k%2CG1rtBfpfVz7cKHeHGtPtdwJHZSYTJJkCQV5M&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CQJga4fjfPr2ghxH5HYt9CZZWS6S4TGGESEz91%2CVb8twfmfRKbSVHbHAtXC4bmHBSzTggWuDJ7x&c=300&d=250&e=&g=a09da2b19851e393948fce9855bbb560%2F10899204150181853040&i=29981%2C20774%2C26474&j=16%2C14%2C41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1686848935831&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g8gfnq1vp2cqse166pasf3fz66qxzegd17a0nwwf9wbbn7y0464trpa1t1bz2c8em8y2ge2jzy3bv1dy13hxnrb7azxhdkwb236ersxkv4wz794bydcwwpc8m7pbp63nbtsn22t58tqjrx9zjfn4eeqfbtz6dbqgjkdkqrtfejsnqfzxrcxyqkmr7f7x9z2knt6bstez12998mx4gw1bk2vqcw5rzf4z0cza6z95de7exsywr059fax7bkjp95thzgjg1v0wmxwkaq970y90www%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCiBQtpkWLZNTXIKSio9kPsrOAyA2Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi05NDkxNDk1MzA5MjI5OTM2yAEJqQLxDV1bjDCyPqgDAaoEqQJP0D2RvJSABGTnkb-LtXbxn3xt1l9ZwH41ShS617bamQSHK0G7MF6gYyAn-WSoFDSz7CQS0fU6XWZ3TnIdVMcaUhHDYthG8rx3LT6v3TYM6JWI4CcLX0-3EsrWT-DTa3kT5909paaO42Uw2a1beruSeALaosloJv8gbm7Ga9vd72yXICk9zC4cff4vZgHCgYVTWjTnUmiblh9V0RWd1kRvfH2_z0IP6n8t5OX0BrB9lH6pvZ9Hk9f9N-2bZZ0Qq-T49DM8AEi2z8hs7AT82vDB24oxXPeofSJf6CZDsUIyLocmL__-qkGq9g9S7u0zSf-bkJ8ZnOM4fykREiY3q2ze4A4XrmkWrlVDM4ftVSik3ZhVbOkPDfmEPT4TZx9sTVGLQl_PnNSHC82ABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2FX3c_3M7rrPC8NKtA4Y11wBFiog%2526client%253Dca-pub-9491495309229936%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 42e8de9192dee3b3ee8a7529c5883dac20b868000168362d9f287125c95e18a8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 17:08:55 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 79766
cf-polished: origFmt=png, origSize=563367
alt-svc: h3=":443"; ma=86400
content-length: 347098
cf-bgj: imgq:85,h2pri
last-modified: Fri, 09 Apr 2021 07:22:09 GMT
server: cloudflare
etag: "ff5ac113643d20bec15acfffe32cb75e"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hUCBM%2BNTeY0cSleYPrkSs1pv2RMj92ggmfjJbeGBLtFNgCNpgDh3j0fXxyFcpJY24W8R79etzq89frvmc2B%2F2Uzsg6cMDysbzh99O3ZsvxtLSQZE4vC5F64pLmGCdEpOxWpkrdkjDolNiZX%2B"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7d7c6af9bd139034-FRA
expires: Fri, 16 Jun 2023 17:08:55 GMT

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 8E9B 43 B
704 B 94ms
44ms Image
image/gif 23.56.205.163
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2904924&v=20044&q=415363&r=412871&pv=1&pref3=oneidJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eYoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C192347%2C15573&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2CRpwtgfQfG9j4UkHwH3tQtddDa9SzTYY4SB39k%2CG1rtBfpfVz7cKHeHGtPtdwJHZSYTJJkCQV5M&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CQJga4fjfPr2ghxH5HYt9CZZWS6S4TGGESEz91%2CVb8twfmfRKbSVHbHAtXC4bmHBSzTggWuDJ7x&c=300&d=250&e=&g=a09da2b19851e393948fce9855bbb560%2F10899204150181853040&i=29981%2C20774%2C26474&j=16%2C14%2C41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1686848935831&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g8gfnq1vp2cqse166pasf3fz66qxzegd17a0nwwf9wbbn7y0464trpa1t1bz2c8em8y2ge2jzy3bv1dy13hxnrb7azxhdkwb236ersxkv4wz794bydcwwpc8m7pbp63nbtsn22t58tqjrx9zjfn4eeqfbtz6dbqgjkdkqrtfejsnqfzxrcxyqkmr7f7x9z2knt6bstez12998mx4gw1bk2vqcw5rzf4z0cza6z95de7exsywr059fax7bkjp95thzgjg1v0wmxwkaq970y90www%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCiBQtpkWLZNTXIKSio9kPsrOAyA2Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi05NDkxNDk1MzA5MjI5OTM2yAEJqQLxDV1bjDCyPqgDAaoEqQJP0D2RvJSABGTnkb-LtXbxn3xt1l9ZwH41ShS617bamQSHK0G7MF6gYyAn-WSoFDSz7CQS0fU6XWZ3TnIdVMcaUhHDYthG8rx3LT6v3TYM6JWI4CcLX0-3EsrWT-DTa3kT5909paaO42Uw2a1beruSeALaosloJv8gbm7Ga9vd72yXICk9zC4cff4vZgHCgYVTWjTnUmiblh9V0RWd1kRvfH2_z0IP6n8t5OX0BrB9lH6pvZ9Hk9f9N-2bZZ0Qq-T49DM8AEi2z8hs7AT82vDB24oxXPeofSJf6CZDsUIyLocmL__-qkGq9g9S7u0zSf-bkJ8ZnOM4fykREiY3q2ze4A4XrmkWrlVDM4ftVSik3ZhVbOkPDfmEPT4TZx9sTVGLQl_PnNSHC82ABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2FX3c_3M7rrPC8NKtA4Y11wBFiog%2526client%253Dca-pub-9491495309229936%2526adurl%253D&y=1&s=&z=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.56.205.163 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-56-205-163.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 15 Jun 2023 17:08:56 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H2 200 D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
assets.ad4m.at/logo/ Frame 8E9B 74 KB
74 KB 54ms
33ms Image
image/png 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C192347%2C15573&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2CRpwtgfQfG9j4UkHwH3tQtddDa9SzTYY4SB39k%2CG1rtBfpfVz7cKHeHGtPtdwJHZSYTJJkCQV5M&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CQJga4fjfPr2ghxH5HYt9CZZWS6S4TGGESEz91%2CVb8twfmfRKbSVHbHAtXC4bmHBSzTggWuDJ7x&c=300&d=250&e=&g=a09da2b19851e393948fce9855bbb560%2F10899204150181853040&i=29981%2C20774%2C26474&j=16%2C14%2C41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1686848935831&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g8gfnq1vp2cqse166pasf3fz66qxzegd17a0nwwf9wbbn7y0464trpa1t1bz2c8em8y2ge2jzy3bv1dy13hxnrb7azxhdkwb236ersxkv4wz794bydcwwpc8m7pbp63nbtsn22t58tqjrx9zjfn4eeqfbtz6dbqgjkdkqrtfejsnqfzxrcxyqkmr7f7x9z2knt6bstez12998mx4gw1bk2vqcw5rzf4z0cza6z95de7exsywr059fax7bkjp95thzgjg1v0wmxwkaq970y90www%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCiBQtpkWLZNTXIKSio9kPsrOAyA2Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi05NDkxNDk1MzA5MjI5OTM2yAEJqQLxDV1bjDCyPqgDAaoEqQJP0D2RvJSABGTnkb-LtXbxn3xt1l9ZwH41ShS617bamQSHK0G7MF6gYyAn-WSoFDSz7CQS0fU6XWZ3TnIdVMcaUhHDYthG8rx3LT6v3TYM6JWI4CcLX0-3EsrWT-DTa3kT5909paaO42Uw2a1beruSeALaosloJv8gbm7Ga9vd72yXICk9zC4cff4vZgHCgYVTWjTnUmiblh9V0RWd1kRvfH2_z0IP6n8t5OX0BrB9lH6pvZ9Hk9f9N-2bZZ0Qq-T49DM8AEi2z8hs7AT82vDB24oxXPeofSJf6CZDsUIyLocmL__-qkGq9g9S7u0zSf-bkJ8ZnOM4fykREiY3q2ze4A4XrmkWrlVDM4ftVSik3ZhVbOkPDfmEPT4TZx9sTVGLQl_PnNSHC82ABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2FX3c_3M7rrPC8NKtA4Y11wBFiog%2526client%253Dca-pub-9491495309229936%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2e949f7c00fb28395839347af2832e00b0b17fa659b9107b1fe97e033cffa957

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 17:08:55 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1199236
cf-polished: origSize=115129, status=vary_header_present
alt-svc: h3=":443"; ma=86400
content-length: 75430
cf-bgj: imgq:85,h2pri
last-modified: Tue, 09 Feb 2021 15:11:24 GMT
server: cloudflare
etag: "0a277d59efca0369a6983645e273659e"
vary: X-Goog-Allowed-Resources, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bru73mA2GfyoHL%2BTiML39D4Ao3lmmdb6%2BtSyq0A64vkd0cx2tomnsA8kQr5B%2BWtLUHWoCgIHZjDEDfV99kTk2eaccVyb50PWvTOJme8DJt%2BVgjHXHXfinoeHHa4J2VZsn8dMv9JIYdpfwNvn"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7d7c6af9bd109034-FRA
expires: Fri, 16 Jun 2023 17:08:55 GMT

GET
H2 200 0F1A9149B0506C8C1F1D1F27788DFE572ED80D70826E34AA54862ECE67BA7FF050878AC4EAD3B3BA71723C609CC8F5A5EB4EC344BC89C06A1A29A395A2C8C69D
assets.ad4m.at/ Frame 8E9B 22 KB
23 KB 47ms
26ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/0F1A9149B0506C8C1F1D1F27788DFE572ED80D70826E34AA54862ECE67BA7FF050878AC4EAD3B3BA71723C609CC8F5A5EB4EC344BC89C06A1A29A395A2C8C69D
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C192347%2C15573&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2CRpwtgfQfG9j4UkHwH3tQtddDa9SzTYY4SB39k%2CG1rtBfpfVz7cKHeHGtPtdwJHZSYTJJkCQV5M&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CQJga4fjfPr2ghxH5HYt9CZZWS6S4TGGESEz91%2CVb8twfmfRKbSVHbHAtXC4bmHBSzTggWuDJ7x&c=300&d=250&e=&g=a09da2b19851e393948fce9855bbb560%2F10899204150181853040&i=29981%2C20774%2C26474&j=16%2C14%2C41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1686848935831&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g8gfnq1vp2cqse166pasf3fz66qxzegd17a0nwwf9wbbn7y0464trpa1t1bz2c8em8y2ge2jzy3bv1dy13hxnrb7azxhdkwb236ersxkv4wz794bydcwwpc8m7pbp63nbtsn22t58tqjrx9zjfn4eeqfbtz6dbqgjkdkqrtfejsnqfzxrcxyqkmr7f7x9z2knt6bstez12998mx4gw1bk2vqcw5rzf4z0cza6z95de7exsywr059fax7bkjp95thzgjg1v0wmxwkaq970y90www%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCiBQtpkWLZNTXIKSio9kPsrOAyA2Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi05NDkxNDk1MzA5MjI5OTM2yAEJqQLxDV1bjDCyPqgDAaoEqQJP0D2RvJSABGTnkb-LtXbxn3xt1l9ZwH41ShS617bamQSHK0G7MF6gYyAn-WSoFDSz7CQS0fU6XWZ3TnIdVMcaUhHDYthG8rx3LT6v3TYM6JWI4CcLX0-3EsrWT-DTa3kT5909paaO42Uw2a1beruSeALaosloJv8gbm7Ga9vd72yXICk9zC4cff4vZgHCgYVTWjTnUmiblh9V0RWd1kRvfH2_z0IP6n8t5OX0BrB9lH6pvZ9Hk9f9N-2bZZ0Qq-T49DM8AEi2z8hs7AT82vDB24oxXPeofSJf6CZDsUIyLocmL__-qkGq9g9S7u0zSf-bkJ8ZnOM4fykREiY3q2ze4A4XrmkWrlVDM4ftVSik3ZhVbOkPDfmEPT4TZx9sTVGLQl_PnNSHC82ABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2FX3c_3M7rrPC8NKtA4Y11wBFiog%2526client%253Dca-pub-9491495309229936%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f73dbf0c52edb570d0ad16efccefa6a5f8d053719c2cc827cd69148fede6aa4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 17:08:55 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2322694
cf-polished: qual=85, origFmt=jpeg, origSize=60344
alt-svc: h3=":443"; ma=86400
content-length: 22974
cf-bgj: imgq:85,h2pri
last-modified: Wed, 22 Mar 2023 22:20:34 GMT
server: cloudflare
etag: "06609266defcd14ec685b2464aeced2e"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FthFQ9uugVJSyv98D9IGVTD1oh9T%2BDkWzlhA%2FJfn3QlvkfyBC%2BhavQd9Xe52eQ1WJ0z15Yr3eS6J08r7%2F2YjRIxTZ4qbszzikzk14zBhkUmHf56ci7bBJbvmHJ8J8qykHUceXqyj36o66S66"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7d7c6af9bd199034-FRA
expires: Fri, 16 Jun 2023 17:08:55 GMT

GET
H/1.1

200
OK

/
partner.o2online.de/a/ Frame 8E9B
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_t...
https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CKb9_fzhxf8CFQCW_QcdBrkOLg;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=...
https://www.telefonica-partner.de/tpv.php?t=117703V1226132702M&subid=viewoneidRpwtgfQfG9j4UkHwH3tQtddDa9SzTYY4SB39koneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0
https://www.lead-alliance.net/tpv.php?t=117703V1226132702M&subid=viewoneidRpwtgfQfG9j4UkHwH3tQtddDa9SzTYY4SB39koneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117703&s_id=2023061519085685927015841X117703V1226132702MSviewoneidRpwtgfQfG9j4UkHwH3tQtddDa9SzTYY4SB39koneid__suit...

49 B
1 KB

95ms
31ms

Image
image/gif

167.233.13.224
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117703&s_id=2023061519085685927015841X117703V1226132702MSviewoneidRpwtgfQfG9j4UkHwH3tQtddDa9SzTYY4SB39koneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&cons=0&spid=2023061519085685927015841X117703V1226132702MSviewoneidRpwtgfQfG9j4UkHwH3tQtddDa9SzTYY4SB39koneid__suite_Netmix_Reach121_BESTPERFORMER&wfid=117703&partnerid=12218
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C192347%2C15573&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2CRpwtgfQfG9j4UkHwH3tQtddDa9SzTYY4SB39k%2CG1rtBfpfVz7cKHeHGtPtdwJHZSYTJJkCQV5M&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CQJga4fjfPr2ghxH5HYt9CZZWS6S4TGGESEz91%2CVb8twfmfRKbSVHbHAtXC4bmHBSzTggWuDJ7x&c=300&d=250&e=&g=a09da2b19851e393948fce9855bbb560%2F10899204150181853040&i=29981%2C20774%2C26474&j=16%2C14%2C41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1686848935831&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g8gfnq1vp2cqse166pasf3fz66qxzegd17a0nwwf9wbbn7y0464trpa1t1bz2c8em8y2ge2jzy3bv1dy13hxnrb7azxhdkwb236ersxkv4wz794bydcwwpc8m7pbp63nbtsn22t58tqjrx9zjfn4eeqfbtz6dbqgjkdkqrtfejsnqfzxrcxyqkmr7f7x9z2knt6bstez12998mx4gw1bk2vqcw5rzf4z0cza6z95de7exsywr059fax7bkjp95thzgjg1v0wmxwkaq970y90www%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCiBQtpkWLZNTXIKSio9kPsrOAyA2Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi05NDkxNDk1MzA5MjI5OTM2yAEJqQLxDV1bjDCyPqgDAaoEqQJP0D2RvJSABGTnkb-LtXbxn3xt1l9ZwH41ShS617bamQSHK0G7MF6gYyAn-WSoFDSz7CQS0fU6XWZ3TnIdVMcaUhHDYthG8rx3LT6v3TYM6JWI4CcLX0-3EsrWT-DTa3kT5909paaO42Uw2a1beruSeALaosloJv8gbm7Ga9vd72yXICk9zC4cff4vZgHCgYVTWjTnUmiblh9V0RWd1kRvfH2_z0IP6n8t5OX0BrB9lH6pvZ9Hk9f9N-2bZZ0Qq-T49DM8AEi2z8hs7AT82vDB24oxXPeofSJf6CZDsUIyLocmL__-qkGq9g9S7u0zSf-bkJ8ZnOM4fykREiY3q2ze4A4XrmkWrlVDM4ftVSik3ZhVbOkPDfmEPT4TZx9sTVGLQl_PnNSHC82ABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2FX3c_3M7rrPC8NKtA4Y11wBFiog%2526client%253Dca-pub-9491495309229936%2526adurl%253D&y=1&s=&z=0
Protocol: HTTP/1.1
Server: 167.233.13.224 Hallbergmoos, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.224.13.233.167.clients.your-server.de
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Thu, 15 Jun 2023 17:08:56 GMT
X-NODEIP: 46.4.41.145
Server: nginx/1.14.0 (Ubuntu)
RM-PrivacyPolicy: https://www.nonstoppartner.net/
Content-Type: image/gif
P3P: policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection: keep-alive
Keep-Alive: timeout=10
Content-Length: 49

Redirect headers

location: https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117703&s_id=2023061519085685927015841X117703V1226132702MSviewoneidRpwtgfQfG9j4UkHwH3tQtddDa9SzTYY4SB39koneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&cons=0&spid=2023061519085685927015841X117703V1226132702MSviewoneidRpwtgfQfG9j4UkHwH3tQtddDa9SzTYY4SB39koneid__suite_Netmix_Reach121_BESTPERFORMER&wfid=117703&partnerid=12218
date: Thu, 15 Jun 2023 17:08:56 GMT
x-content-type-options: nosniff
server: nginx
x-xss-protection: 1; mode=block
content-type: text/html; charset=UTF-8

GET
H2 200 E622BC9BD82AE6F51E341CE5BBC00C7BCEF1113266FC86A7954D357A123D68059FD32592A221C64F87EEABAF18D4698D5388E6B9CA984D807BB6BB7E4D07744E
assets.ad4m.at/logo/ Frame 8E9B 10 KB
10 KB 46ms
25ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/E622BC9BD82AE6F51E341CE5BBC00C7BCEF1113266FC86A7954D357A123D68059FD32592A221C64F87EEABAF18D4698D5388E6B9CA984D807BB6BB7E4D07744E
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C192347%2C15573&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2CRpwtgfQfG9j4UkHwH3tQtddDa9SzTYY4SB39k%2CG1rtBfpfVz7cKHeHGtPtdwJHZSYTJJkCQV5M&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CQJga4fjfPr2ghxH5HYt9CZZWS6S4TGGESEz91%2CVb8twfmfRKbSVHbHAtXC4bmHBSzTggWuDJ7x&c=300&d=250&e=&g=a09da2b19851e393948fce9855bbb560%2F10899204150181853040&i=29981%2C20774%2C26474&j=16%2C14%2C41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1686848935831&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g8gfnq1vp2cqse166pasf3fz66qxzegd17a0nwwf9wbbn7y0464trpa1t1bz2c8em8y2ge2jzy3bv1dy13hxnrb7azxhdkwb236ersxkv4wz794bydcwwpc8m7pbp63nbtsn22t58tqjrx9zjfn4eeqfbtz6dbqgjkdkqrtfejsnqfzxrcxyqkmr7f7x9z2knt6bstez12998mx4gw1bk2vqcw5rzf4z0cza6z95de7exsywr059fax7bkjp95thzgjg1v0wmxwkaq970y90www%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCiBQtpkWLZNTXIKSio9kPsrOAyA2Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi05NDkxNDk1MzA5MjI5OTM2yAEJqQLxDV1bjDCyPqgDAaoEqQJP0D2RvJSABGTnkb-LtXbxn3xt1l9ZwH41ShS617bamQSHK0G7MF6gYyAn-WSoFDSz7CQS0fU6XWZ3TnIdVMcaUhHDYthG8rx3LT6v3TYM6JWI4CcLX0-3EsrWT-DTa3kT5909paaO42Uw2a1beruSeALaosloJv8gbm7Ga9vd72yXICk9zC4cff4vZgHCgYVTWjTnUmiblh9V0RWd1kRvfH2_z0IP6n8t5OX0BrB9lH6pvZ9Hk9f9N-2bZZ0Qq-T49DM8AEi2z8hs7AT82vDB24oxXPeofSJf6CZDsUIyLocmL__-qkGq9g9S7u0zSf-bkJ8ZnOM4fykREiY3q2ze4A4XrmkWrlVDM4ftVSik3ZhVbOkPDfmEPT4TZx9sTVGLQl_PnNSHC82ABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2FX3c_3M7rrPC8NKtA4Y11wBFiog%2526client%253Dca-pub-9491495309229936%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a85b1179ca4ed7dc5ea897d1b565a69ccae8d2aad29dff7bb874da7d94538bff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 17:08:55 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1201411
cf-polished: qual=85, origFmt=jpeg, origSize=58124
alt-svc: h3=":443"; ma=86400
content-length: 9782
cf-bgj: imgq:85,h2pri
last-modified: Fri, 08 Jul 2022 10:19:52 GMT
server: cloudflare
etag: "b4342e277c43aad9c5020a04564bfd1e"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JAuM9WUo%2Bzbl%2B1hfxC2RufFBTRoTLafCrWVvybqK%2B8B9%2Bd%2BGWX2ttBmI96JAZvvL2x4EfVg%2FGhYdDQ5C9CjBECm6zlr5eUPz70Wm2hgECQtsmBgoQP5HLQymCRN725Qfyeq66fJDCNVrpElY"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7d7c6af9bd1b9034-FRA
expires: Fri, 16 Jun 2023 17:08:55 GMT

GET
H2 200 7959CC8A5841863E2029D11337BD9743816B11539BB7B5FE82C05DA418BFFEA9B2B39CC1367019AB169ACFDD5A75E84454CFD285683B9548532D984CEBD8DAF8
assets.ad4m.at/product_image/ Frame 8E9B 58 KB
58 KB 49ms
28ms Image
image/jpeg 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/7959CC8A5841863E2029D11337BD9743816B11539BB7B5FE82C05DA418BFFEA9B2B39CC1367019AB169ACFDD5A75E84454CFD285683B9548532D984CEBD8DAF8
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C192347%2C15573&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2CRpwtgfQfG9j4UkHwH3tQtddDa9SzTYY4SB39k%2CG1rtBfpfVz7cKHeHGtPtdwJHZSYTJJkCQV5M&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CQJga4fjfPr2ghxH5HYt9CZZWS6S4TGGESEz91%2CVb8twfmfRKbSVHbHAtXC4bmHBSzTggWuDJ7x&c=300&d=250&e=&g=a09da2b19851e393948fce9855bbb560%2F10899204150181853040&i=29981%2C20774%2C26474&j=16%2C14%2C41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1686848935831&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g8gfnq1vp2cqse166pasf3fz66qxzegd17a0nwwf9wbbn7y0464trpa1t1bz2c8em8y2ge2jzy3bv1dy13hxnrb7azxhdkwb236ersxkv4wz794bydcwwpc8m7pbp63nbtsn22t58tqjrx9zjfn4eeqfbtz6dbqgjkdkqrtfejsnqfzxrcxyqkmr7f7x9z2knt6bstez12998mx4gw1bk2vqcw5rzf4z0cza6z95de7exsywr059fax7bkjp95thzgjg1v0wmxwkaq970y90www%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCiBQtpkWLZNTXIKSio9kPsrOAyA2Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi05NDkxNDk1MzA5MjI5OTM2yAEJqQLxDV1bjDCyPqgDAaoEqQJP0D2RvJSABGTnkb-LtXbxn3xt1l9ZwH41ShS617bamQSHK0G7MF6gYyAn-WSoFDSz7CQS0fU6XWZ3TnIdVMcaUhHDYthG8rx3LT6v3TYM6JWI4CcLX0-3EsrWT-DTa3kT5909paaO42Uw2a1beruSeALaosloJv8gbm7Ga9vd72yXICk9zC4cff4vZgHCgYVTWjTnUmiblh9V0RWd1kRvfH2_z0IP6n8t5OX0BrB9lH6pvZ9Hk9f9N-2bZZ0Qq-T49DM8AEi2z8hs7AT82vDB24oxXPeofSJf6CZDsUIyLocmL__-qkGq9g9S7u0zSf-bkJ8ZnOM4fykREiY3q2ze4A4XrmkWrlVDM4ftVSik3ZhVbOkPDfmEPT4TZx9sTVGLQl_PnNSHC82ABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2FX3c_3M7rrPC8NKtA4Y11wBFiog%2526client%253Dca-pub-9491495309229936%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d38282ac0c1816553a3a1c9b74f00bcf0b60aad1b473bc58b1403c67ba5c8048

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 17:08:55 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1651208
cf-polished: degrade=85, origSize=128978, status=vary_header_present
alt-svc: h3=":443"; ma=86400
content-length: 59304
cf-bgj: imgq:85,h2pri
last-modified: Tue, 31 May 2022 12:16:42 GMT
server: cloudflare
etag: "aa8c145ca1b6cb2be4e511f8f6f2685d"
vary: X-Goog-Allowed-Resources, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Eb3eIsXXSyCb8732%2BPEJzE3qi2h870AQYTDZfOWQequO8MWIIVjqZsqErhjCB8xngYIYjlcpqZmafHBGjnqx99E0gUkiKKAFAkSDtKxe1rIVrbmtfYSCfUKGZXya2OUlZPC9avSitaMSBjDf"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7d7c6af9bd159034-FRA
expires: Fri, 16 Jun 2023 17:08:55 GMT

GET
H/1.1 200
OK 2aed39855b5f46b72660fe7fe4b2634f
pv.medialead.de/trck/epv/ Frame 8E9B 0
365 B 163ms
91ms Image
application/javascript 145.239.193.130
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pv.medialead.de/trck/epv/2aed39855b5f46b72660fe7fe4b2634f?t=htlp&subid=oneidG1rtBfpfVz7cKHeHGtPtdwJHZSYTJJkCQV5Moneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

145.239.193.130 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx/1.17.5 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Thu, 15 Jun 2023 17:08:56 GMT
Strict-Transport-Security: max-age=15768000
Server: nginx/1.17.5
Host: pv.medialead.de
X-IPLB-Request-ID: B9D59BAE:9F64_91EFC182:01BB_648B45A7_5E9FCE:1ECFC
X-IPLB-Instance: 40028
Content-Type: application/javascript; charset=utf-8
Keep-Alive: timeout=20
Content-Length: 0
Proxy-Host: pv.medialead.de

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame E6AE 13 KB
5 KB 44ms
41ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sham-store.shop/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 30809
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 15 Jun 2023 08:35:27 GMT
expires: Fri, 14 Jun 2024 08:35:27 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame C44A 783 B
535 B 52ms
50ms Document
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

886bef58a0004662b9275bf4b43cf943534f4974ad291dac2acf5eb315f2ebbf

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-WLJ1U4NY-Y6rJBIybLniyQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sham-store.shop/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-WLJ1U4NY-Y6rJBIybLniyQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 15 Jun 2023 17:08:56 GMT
expires: Thu, 15 Jun 2023 17:08:56 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame C44A 0
0 74ms
72ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230613&jk=2270913567180579&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

GET
H3 200 F23xA4-E8U0dLsM7Ua-M74A0tuvycQb5txb3FNVg6II.js Show response
pagead2.googlesyndication.com/bg/ Frame E6AE 37 KB
14 KB 46ms
45ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/F23xA4-E8U0dLsM7Ua-M74A0tuvycQb5txb3FNVg6II.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

176df1038f84f14d1d2ec33b51af8cef8034b6ebf27106f9b716f714d560e882

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 09:31:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27424
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14698
x-xss-protection: 0
last-modified: Mon, 05 Jun 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 14 Jun 2024 09:31:52 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame E6AE 0
10 B 38ms
37ms Image
text/plain 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?lqIa-w
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 17:08:56 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 3A10 42 B
64 B 74ms
73ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssOJufOFfhRf3uM5xzc7Vt6GKE-xHRN8HwVq6yPcfHZSrRoFpBRmtlDz7JKBVxOnTW_IMY9XhB_k7UIDp2ivHIX6E4&sig=Cg0ArKJSzBrNpz7Wc5NHEAE&id=lidar2&mcvt=1003&p=0,0,124,1005&mtos=386,932,1003,1003,1003&tos=386,546,71,0,0&v=20230614&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2969136041&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1686848934691&rpt=671&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=14

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Jun 2023 17:08:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame BEF6 0
127 B 14ms
13ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 15 Jun 2023 17:08:56 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 79ms
78ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230613&jk=2270913567180579&bg=!eXqlei7NAAaGYqkwpmI7ADkAdvg8Wi_m2abjT1Mif65Gi9Bt2gEsz4lyjG8jhemE_VYxXi526mCOWGGKuavpskDDiNsy_pUv5vICAAAA_VIAAAADaAEHmQLd_mDK-tSFt6SL2WqALrDMY43maduo9KL0YWTHxCS87xdh_duzUxZ3mAmJUIDElXFEK_eaa4cdcL2yYrFfKOtdZBODgK2cZkaaPenA-PpWek6Cvc3zpF-XWxcVSbWBdN1QSfVb4FAXmsNhl-j5BYiQtUYteGUcPyE84MuW8MLhgMwRGb5jw5C8t7EVhre92JlZfWHFKQ15yUoCf3LVdJWeQ_bWXmzY6HYSB_fTrI_1KFO6DAUIST4uuflZhgnI15NvRzd6htu65_4peb9M1GWigvUT2jykB_qPg7TU7Y87fOmjjeAFV_-ewYOq_VONejrl26dCQeZ6RCDtwQJKEXXs_ZNOlxRZzNeXktVqvhhQFZxd6oPrVDXQeBb4DtpP_6sAsXEsDmlmtmjZYWKV-eO_SrqXciXBgxDKzeHOxG1zMIirP5jypVaKbf-Z58Uu56LHC-cMRgJAOwu15tO0sA6aH5ul7HW3WOZoFRvRKuVl_m2lo1urDa5QBdVANtW7aNL1LYWkq4YYwW-6MJoAlmWdCb-AM96uIN93ctsMtKg4gK-nFsCL-XmzNEV-hmi_h0ggD1b9bBGeYyesDwdtOHIENdNSCICTUx6E0ckSRUtWdqSNKIrWpl8xlU08j7BqD4_dpWL3fYCTOGHwYQy430PApXth7UjJkTpa-gR9eyDruUG1SdvVp2MnH1uXYuHO_jaA0O1DTCMxJlIRN03RW3szny8xEx9mPqQWR5ofqsAuo22dZ2JYrv5ns3D05ZMO-fQWyVeX4OognvDc8XZsobbxuJLcRLp2kMosn8xtNS8G03uubvNK7nAg9UEeN1UaFBu9_E8A7ae_FCewM9Yf4sSp6BL1FVPlApiCV2IQR2QMQ1pyPuBUAG0v1oMBSUwYVAdKFkI-0ZMCSRju8JdsP1nO81Gv9tvm0STFwt7-oM23rvCnfYT2qqOQfWiQhVg4LhuStsVeyHZ5w-_3x4zMFg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sham-store.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

POST
H2 200 all
csm.eu.criteo.net/ Frame D636 0
127 B 15ms
14ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 15 Jun 2023 17:08:56 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 3081 119 KB
119 KB 19ms
19ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

2d797b34b35d45deef339a2e78faa48adf95eac4044f33afd6eff023d6fd0980

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 17:08:58 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
content-length: 121630
expires: Sun, 09 Jun 2024 08:39:56 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame D636 0
127 B 14ms
14ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 15 Jun 2023 17:09:02 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 3081 75 KB
75 KB 48ms
47ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

323f73ff43ba79d50ea91b5b95e444441f0b76db8577823c0d636550e003a39f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 17:09:02 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
content-length: 76868
expires: Sun, 09 Jun 2024 08:39:56 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame BEF6 0
127 B 14ms
14ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 15 Jun 2023 17:09:02 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

Verdicts & Comments Add Verdict or Comment

174 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

29 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.sham-store.shop/	1970-01-20 22:10:08	Name: _ga_42WJ63WTBL Value: GS1.1.1686848933.1.0.1686848933.0.0.0
.sham-store.shop/	1970-01-20 12:35:35	Name: _gid Value: GA1.2.93603213.1686848933
.sham-store.shop/	1970-01-20 12:34:08	Name: _gat_gtag_UA_256355281_1 Value: 1
.sham-store.shop/	1970-01-20 22:10:08	Name: _ga_XFTRVMTHCV Value: GS1.1.1686848933.1.0.1686848933.0.0.0
.sham-store.shop/	1970-01-20 22:10:08	Name: _ga Value: GA1.1.2073141390.1686848933
.doubleclick.net/	1970-01-20 21:55:44	Name: IDE Value: AHWqTUl_PqBOcQlUw3NsuvfroMEt0vcuoedoS_jDe4cCoAuKrBzZwSTTADw9KYWW0jI
.doubleclick.net/	1970-01-20 12:34:09	Name: test_cookie Value: CheckForPermission
.quantserve.com/	1970-01-20 14:43:44	Name: d Value: EC8BCQGeKYEA
.quantserve.com/	1970-01-20 22:04:23	Name: mc Value: 648b45a7-2569a-ca3b0-77a89
.blismedia.com/	1970-01-20 21:19:48	Name: b Value: 648B45A77116D7825B38A1DFBLIS
.travelaudience.com/	1970-01-20 22:04:23	Name: _tracker Value: %7B%22UUID%22%3A%22EF4494DC-D4E4-4F0D-B56D-BF62AFF01528%22%7D
.w55c.net/	1970-01-20 22:04:23	Name: wfivefivec Value: EJn8VRxu1Q9QsT5
.hspvst.com/	1969-12-31 23:59:59	Name: VI2677 Value: %7B%22time%22%3A1686848935%2C%22utid%22%3A%2214c2be3708666cf2ace00352acff992b%22%2C%22t%22%3A%22P%22%2C%22s%22%3A%22%22%7D
.hspvst.com/	1969-12-31 23:59:59	Name: VIP2677 Value: 1
.mathtag.com/	1970-01-20 13:17:20	Name: mt_mop Value: 4:1686848936
.adform.net/	1970-01-20 13:17:20	Name: C Value: 1
.de17a.com/	1970-01-20 21:12:32	Name: guid Value: 1.5709833241813920093
.yahoo.com/	1970-01-20 21:20:06	Name: A3 Value: d=AQABBKdFi2QCEIlHKVzAZLFftxeJYyL1lnQFEgEBAQGXjGSVZAAAAAAA_eMAAA&S=AQAAAqh-aZRSwfn9hhWE0wQOQPY
.adform.net/	1970-01-20 14:00:32	Name: uid Value: 8640411831669203003
ads.travelaudience.com/	1970-01-20 22:04:23	Name: _tracker Value: %7B%22UUID%22%3A%22EF4494DC-D4E4-4F0D-B56D-BF62AFF01528%22%7D
.simpli.fi/	1970-01-20 21:21:11	Name: suid Value: 6F41917FE21247A5A27EA049D8E18DA0
.everesttech.net/	1970-01-20 21:19:44	Name: everest_g_v2 Value: g_surferid~ZItFpwAR67B_jABS
.innovid.com/	1970-01-20 14:43:44	Name: uuid Value: 1890f729-e054-45d2-917d-8f881fce5e07-20230615 13:08:55
.tribalfusion.com/	1970-01-20 14:43:44	Name: ANON_ID Value: annseFoZdUQdR2Hp9vcge04LsyIsLrZbbAh8JUjT4D4Zbv9mBYF3xr4NZb8Zc7gtZb5mRh9FjhMh0DZbZdMvBAts7mVC
.awin1.com/	1970-01-20 12:37:01	Name: awpv20044 Value: 412871\|1686848935\|4fb40ed0-0b9f-11ee-9c19-223148ce0464
.awin1.com/	1969-12-31 23:59:59	Name: AWSESS Value: 415363:2904924
.o2online.de/	1970-01-20 12:44:13	Name: nscT485 Value: v01MTQyMTExMzExMTExMTExMTEwMTQyMTMzMDAwMDAwMDA2MTY4Njg0ODkzNnZsZWExZGUyMDIzMDYxNTE5MDg1Njg1OTI3MDE1ODQxWDExNzcwM1YxMjI2MTMyNzAyTVN2aWV3b25laWRScHd0Z2ZRZkc5ajRVa0h3SDN0UXRkZERhOVN6VFlZNFNCMzlrb25laWRfX3N1aXRlX05ldG1peF9SZWFjaDEyMV9CRVNUUEVSRk9STUVSMTE3NzAz
.o2online.de/	1970-01-20 12:44:13	Name: nscQ485 Value: V
.o2online.de/	1970-01-20 12:44:13	Name: webShopPV Value: ?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_117703_-HTLP&utm_term=AFF_la_117703_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=2023061519085685927015841X117703V1226132702MSviewoneidRpwtgfQfG9j4UkHwH3tQtddDa9SzTYY4SB39koneid__suite_Netmix_Reach121_BESTPERFORMER&wfid=117703&affiliateId=v01MTQyMTExMzExMTExMTExMTEwMTQyMTMzMDAwMDAwMDA2MTY4Njg0ODkzNnZsZWExZGUyMDIzMDYxNTE5MDg1Njg1OTI3MDE1ODQxWDExNzcwM1YxMjI2MTMyNzAyT

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9491495309229936&output=html&h=300&slotname=3912869825&adk=3132528263&adf=4266349633&pi=t.ma~as.3912869825&w=300&lmt=1686844847&format=300x300&url=https%3A%2F%2Fsham-store.shop%2Fnc-lawmakers-seek-to-strip-gov-cooper-of-power-to-appoint-members-to-dem-majority-election-board%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1686848932986&bpp=1&bdt=1246&idt=615&shv=r20230613&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8319186508196&frm=20&pv=1&ga_vid=2073141390.1686848933&ga_sid=1686848934&ga_hid=579987793&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=456&ady=1084&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31075067%2C31075307%2C44788442%2C44793499&oid=2&pvsid=2270913567180579&tmod=404543101&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=VQnAvnlidG&p=https%3A//sham-store.shop&dtd=624 Message: Origin trial controlled feature not enabled: 'attribution-reporting'.
security	error	URL: https://as.ad4m.at/ad/dr?ed=1jnsbddp9qshcdhhcdqe503ys7vj0efr8caxtkz5jeqykmgfvqtfbahe8pr76z0kjfegf1sqf8xx3bhkjpcy8qmy7zj6xdbt13f90mevcgw4v8n05483yp9jq55q9r8kkyhsfrpgbydqvr1y0wsxan1d2wqvq67kh61tph5k54rwemwpezas2ncj0baedxmrqpkry6n8c4wfb33v83avbyrn3dat6waj9xnqdscjkej72vxegy2650b38awrdyxv978zrhkmmdbcshafvxfdy0s1zjmmcttrdtvjkymne7y6ppt0h1epxr36bxpc84pzw9235hztkvavhxb6ddgwmczyv2h9a4tvhhq3ptj7zt1grda83hdm6yr2yxvackkga8pzd0td8bv0707wyqg0qms3cq0xaqx9t8pxzn1wndmczmjvww9k0t8653etede0dnwyhccq6g&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCiBQtpkWLZNTXIKSio9kPsrOAyA2Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi05NDkxNDk1MzA5MjI5OTM2yAEJqQLxDV1bjDCyPqgDAaoEqQJP0D2RvJSABGTnkb-LtXbxn3xt1l9ZwH41ShS617bamQSHK0G7MF6gYyAn-WSoFDSz7CQS0fU6XWZ3TnIdVMcaUhHDYthG8rx3LT6v3TYM6JWI4CcLX0-3EsrWT-DTa3kT5909paaO42Uw2a1beruSeALaosloJv8gbm7Ga9vd72yXICk9zC4cff4vZgHCgYVTWjTnUmiblh9V0RWd1kRvfH2_z0IP6n8t5OX0BrB9lH6pvZ9Hk9f9N-2bZZ0Qq-T49DM8AEi2z8hs7AT82vDB24oxXPeofSJf6CZDsUIyLocmL__-qkGq9g9S7u0zSf-bkJ8ZnOM4fykREiY3q2ze4A4XrmkWrlVDM4ftVSik3ZhVbOkPDfmEPT4TZx9sTVGLQl_PnNSHC82ABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2FX3c_3M7rrPC8NKtA4Y11wBFiog%26client%3Dca-pub-9491495309229936%26adurl%3D Message: Ignoring duplicate Content-Security-Policy directive 'worker-src'.
security	error	URL: https://ad4m.at/r62eglto.js Message: Ignoring duplicate Content-Security-Policy directive 'worker-src'.
security	error	URL: https://ad4m.at/r62eglto.js Message: Ignoring duplicate Content-Security-Policy directive 'worker-src'.
security	error	URL: https://as.ad4m.at/ad/rar?a=117569%2C192347%2C15573&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2CRpwtgfQfG9j4UkHwH3tQtddDa9SzTYY4SB39k%2CG1rtBfpfVz7cKHeHGtPtdwJHZSYTJJkCQV5M&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CQJga4fjfPr2ghxH5HYt9CZZWS6S4TGGESEz91%2CVb8twfmfRKbSVHbHAtXC4bmHBSzTggWuDJ7x&c=300&d=250&e=&g=a09da2b19851e393948fce9855bbb560%2F10899204150181853040&i=29981%2C20774%2C26474&j=16%2C14%2C41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1686848935831&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g8gfnq1vp2cqse166pasf3fz66qxzegd17a0nwwf9wbbn7y0464trpa1t1bz2c8em8y2ge2jzy3bv1dy13hxnrb7azxhdkwb236ersxkv4wz794bydcwwpc8m7pbp63nbtsn22t58tqjrx9zjfn4eeqfbtz6dbqgjkdkqrtfejsnqfzxrcxyqkmr7f7x9z2knt6bstez12998mx4gw1bk2vqcw5rzf4z0cza6z95de7exsywr059fax7bkjp95thzgjg1v0wmxwkaq970y90www%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCiBQtpkWLZNTXIKSio9kPsrOAyA2Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi05NDkxNDk1MzA5MjI5OTM2yAEJqQLxDV1bjDCyPqgDAaoEqQJP0D2RvJSABGTnkb-LtXbxn3xt1l9ZwH41ShS617bamQSHK0G7MF6gYyAn-WSoFDSz7CQS0fU6XWZ3TnIdVMcaUhHDYthG8rx3LT6v3TYM6JWI4CcLX0-3EsrWT-DTa3kT5909paaO42Uw2a1beruSeALaosloJv8gbm7Ga9vd72yXICk9zC4cff4vZgHCgYVTWjTnUmiblh9V0RWd1kRvfH2_z0IP6n8t5OX0BrB9lH6pvZ9Hk9f9N-2bZZ0Qq-T49DM8AEi2z8hs7AT82vDB24oxXPeofSJf6CZDsUIyLocmL__-qkGq9g9S7u0zSf-bkJ8ZnOM4fykREiY3q2ze4A4XrmkWrlVDM4ftVSik3ZhVbOkPDfmEPT4TZx9sTVGLQl_PnNSHC82ABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2FX3c_3M7rrPC8NKtA4Y11wBFiog%2526client%253Dca-pub-9491495309229936%2526adurl%253D&y=1&s=&z=0 Message: Ignoring duplicate Content-Security-Policy directive 'worker-src'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
ad.doubleclick.net
ad4m.at
ads.eu.criteo.com
ads.travelaudience.com
ads.w55c.net
adservice.google.com
ag.innovid.com
ajax.googleapis.com
as.ad4m.at
assets.ad4m.at
c1.adform.net
cat.nl3.eu.criteo.com
cm.g.doubleclick.net
cms.quantserve.com
csm.eu.criteo.net
cti.w55c.net
d.adroll.com
d5p.de17a.com
dclk-match.dotomi.com
dis.criteo.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.w55c.net
imageproxy.eu.criteo.net
match.adsrvr.org
onetag-sys.com
pagead2.googlesyndication.com
partner.googleadservices.com
partner.o2online.de
pixel-sync.sitescout.com
pr-bh.ybp.yahoo.com
prod-rtb.ad4mat.net
pv.medialead.de
region1.google-analytics.com
rtb.fr3.eu.criteo.com
rtb.nl3.eu.criteo.com
s.adroll.com
s.tribalfusion.com
secure.gravatar.com
sham-store.shop
static-de.ad4mat.net
static.criteo.net
sync-tm.everesttech.net
sync.mathtag.com
sync.teads.tv
t.hspvst.com
tpc.googlesyndication.com
tr.blismedia.com
um.simpli.fi
www.awin1.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.lead-alliance.net
www.telefonica-partner.de
142.250.74.194
145.239.193.130
15.197.193.217
151.101.66.49
154.58.197.185
167.233.13.224
172.217.16.198
178.250.1.6
178.250.1.9
185.29.132.245
2.16.97.41
2001:4860:4802:34::36
213.155.156.182
23.56.205.163
2600:1901:0:76b9::
2600:9000:2251:a200:3:4706:a6c0:93a1
2600:9000:225e:fe00:6:9280:1080:93a1
2600:9000:2491:a600:1b:f040:3600:93a1
2606:4700:20::681a:61b
2606:4700:20::681a:ad1
2606:4700::6812:18ad
2620:116:800d:21:e365:4988:e8a7:3270
2a00:1450:4001:802::2002
2a00:1450:4001:802::2008
2a00:1450:4001:80b::2002
2a00:1450:4001:810::2002
2a00:1450:4001:813::2002
2a00:1450:4001:813::200a
2a00:1450:4001:828::200a
2a00:1450:4001:829::2001
2a00:1450:4001:829::2002
2a00:1450:4001:82b::200e
2a00:1450:4001:82f::2003
2a00:1450:4001:831::2004
2a02:2638:3::12
2a02:2638:3::1a
2a02:2638:3::9
2a02:2638:d::13
2a02:2638:d::2
2a02:2638:d::c
2a02:4780:b:852:0:ced:64b8:10
2a02:fa8:8806:13::1400
2a04:fa87:fffe::c000:4902
2a05:d018:cc3:fe04:9d37:69dd:1802:43b7
2a05:d018:d29:3601:af59:edb8:6ff5:5fcc
2a05:d01c:1d8:8102:93c2:afdd:6b38:a325
34.250.57.204
34.96.105.8
35.190.0.66
35.204.158.49
37.157.5.84
51.89.9.254
84.200.5.215
98.98.134.242
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
03dd15a551c408fc3ee4496227c5b0798ead05885e535e47f3fa13b6d0fad687
064cf7614522d49cc2c991efde6827b907e347e54cb74fd08b7480803fced02d
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c0084a5075fbd8177e85f6e8d5401f016387735fd92accf20ce5d5da375befa
0f79c64f686102f8cc72db584b52c51dbd0720d7ade9a3284a3520bd91dc5328
1060091178cbd6c843b802f516f230f1a3a1e85f1afbd6ef84d80e5430ba457e
14f422a8d5fbd69824d31215501a7555c3d572fca20640d0b0b5afd39debc47a
153be3e1b5701ba448c68f42ac2706b4a07dd13577f72672dc64cf050c9a7018
176df1038f84f14d1d2ec33b51af8cef8034b6ebf27106f9b716f714d560e882
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
1e6974b9aee2f647c725d559b2522137aa6da698c4df2af0b4660ccfd1c2aabe
21dc21cf1cc77b458d114634e3775e70f229dc0c215b0c8958920e2079cb5a16
26e0a4940a7118f9446572007b9ee9ad23d287e158067a252b5e27e702f69772
2af0c5e150b151b4e24db10de46e51ab10e749b7ab4205b097f439db04714e2d
2b3c6f1d3cea37b4d8cc609a141b421a88bcaf2f3646965f9f95f4d4a683c949
2d5e67a38c9a11424cac19ce192c9fd124a6d74e64d3791a01561dbd3e39c0b4
2d797b34b35d45deef339a2e78faa48adf95eac4044f33afd6eff023d6fd0980
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e949f7c00fb28395839347af2832e00b0b17fa659b9107b1fe97e033cffa957
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
2ff0fe95eeed4c8c492470a335e5159a88cb2a9cac91cc81d3e1d74eb11997fb
300c2a57d0ed169063b3daaff0550227cf8be6e702a58ab79f40a351df655243
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31a8dbe7c39cf4ffa9fe214267bc1aa73dca7304f689437bd4bb257066fa4b04
323f73ff43ba79d50ea91b5b95e444441f0b76db8577823c0d636550e003a39f
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
33f8a5e6aecd055295a2372d62720640c27eb6b8eaefd01daf2518a5fea566aa
343757d3dfd6f25891141c8ae26a580e0fdee4d8aebe67eb118effcec5599c99
3521f5e84dbf85e9b7a304002330fbccf347abc9d0a43765a1838336b8a98c0c
3547ea71b0ee87f6ea222ae5f37bb9c21b78dedc3568dba126f46448b82396fa
39c2172495852ffc51e6f86ef95adfa3cbc9843df71814081e395708b238d98c
3dbe73a90f1370d3bdefdeb5ccca6a4f3c6edb2bc1b06c47b7e5ae2457bc58ab
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
40233c691fc8e67260426396c713720f03f346a5e0a37bec080762d13b8fa130
42e8de9192dee3b3ee8a7529c5883dac20b868000168362d9f287125c95e18a8
453eb2a3e8950acb2d510154c68dbd9e8a16767384c696e18c7da54fcf9f1fbe
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
4879dcab21b2218432075c33aff13cea89de4f392f749eaef3df339f3f694c72
49d663380322efe2f5d664ef0626a079b2c99e846bd245862c7cec4fbeb150a2
4aedd618e5afdcceeaeb82c1d6926175a4bb43dd363e9c64eacfca2ae80c9b60
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
52db930f81d97113dde679cac624cb5435b56d4ac486e91a0b6692d2cb615a84
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab
5d9190292acdd48ba0fc35080f7e7448f3cdf0d79199a4d23f0f49b5341fdf29
5e69e1fb4b4787361714b5dc55266ca81cea21d38477dca4644c234529f693dd
5f73dbf0c52edb570d0ad16efccefa6a5f8d053719c2cc827cd69148fede6aa4
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6321b933446f8ef426f7f524cdf4014574674e9bd07e8af68f6b0de7117c5646
6348856d7c573d71936594315c5928c707be4ba69f74c6e35aa6639a67161cd8
65b8fbd7e61c22d364459a3e2b57ec865e2c63e7b3c9a20af909c05bbc00e023
65fbca61d1918db0ec685ca0369a1b83d555c83c51e729d5359a015649283d6a
6a8c8e9e1e7f692c21af1956de163f3d026778e6449fe93a09a671847ca1ae65
6aeeb0b332de2e7c47cac0b796ac6aac7c9b32fed8b0f1efa610ba6f1d712634
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6dac5f0abc3947e371bfbc0ee85641df8aebde0e0b03409ed8df991bea37b6d5
721409a2f030d1759b758226c9155d911f49c36dddb22509392df6064515d8b1
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
7462bdf789a89db34e26ce9deeb27e2d532113145d71bb560aad30c67dceaf88
74e58c322b655fe36b03bd036c00a36e6792efcf5d3ca7b144c9f4e71ed30908
7a5fc3189c0e62a350875d4b2fd0789eee28530a647ca87315a63fb6264c6a80
7cc53b9adf139d3c48666f76e1d316281c5e9065f7eeaa3fb329057c397f83e5
7f4b2081eb07f23a31d5eb525a027d6af4b79a75777a03b69013d2281432888c
7f4d3fd0a705dbf8403298aad91d5de6972e6b5d536068eba8b24954a5a0a8c7
7fe4e53c5010f9c6ac80701d7be28febce0dd0f8adbb0df1275f00eec20f3a4b
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
8133f6e5c98f920ffbe15f23fc2bf00db1f8cdd8594f79a7a8571dc9695b9ed9
82649ad7d4ec9c61f1e525b2dade75153ffb03610b88d22e1ba3ba98fd55de81
8404536e978aac3d30f769462b1b85b6e93c11b9e3dfa557cc1c33bc54b040bc
84f64586f3dd71280aa264aba2d068f6f2fd64cf039d37e4d4062c33e4e8fec4
87c9f17c7ce6807645c4de0bad67630974d3e68f03ff1af5ac94dd8b9784265c
886bef58a0004662b9275bf4b43cf943534f4974ad291dac2acf5eb315f2ebbf
8bd2f225e8c5fbdf97aa14bd83c0696379a9880c50c40c01419b0b7b98c7b3b6
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
90d7f8fd47b0b01561b280109490c0e7d29be3f426a1f5cf70fab5d5d1ac2dba
91a1148af5baa1d6ea3a64540de9e114f23978d92b549e8a0f2e403a135e5d3a
9744b18fa7785cf5f18633b1d8949676896bb28df52e4eff76a3be55f225731e
993d8adb5355f1f018b4b6eff0e082e1b0f8f30da9a2396b72645d5cbfb15bca
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9d105532b10ffe64f4dd076d7dbb8784e3abfe6d1ec8fc26cfe13ec5684a408d
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a36afccc13609e3ac7ddfb39aea0bc707109eab31e38aa1ef7b8fbf05023ea46
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a68bebfc54f52106e1a683307f6bc9b344573d8d46bca22194585b807ffd0f64
a71a6209be03d59358c3f459c15ab3dfb186812f12ee077cd621933a96400598
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a85b1179ca4ed7dc5ea897d1b565a69ccae8d2aad29dff7bb874da7d94538bff
a8a819d7548b9c102d7776cb645212ca1e324ac2de2170598699061e29bc6cbf
aae68d7418f7820c7267d6dc0ec4f3f0935d15e965d5dfd0730ee15265cb932e
ab21762c3f447aa08cbefd5ea3866165f925bd5058a9ae19e23721462de6fb60
aba848a7cdbe0240e1fdf0b540d3dff72daa9df5b4502e311b3f27a9c85e5759
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
af7a66542220ecfb2b8fa0286b60ffa95c1c8047df094654a90e1ff75f848ef5
b0eca4f6a692e3a64455105f0ab0c20b090afa56987323cef23b3e6f650cd615
b4e54900492e7fa37b1da9dfb701b52ce20eb8709219e48f9db66b9fd547c429
b5c9fd37dca1ec56a382c45a38fd9aa8425a4b522200f6526b982902f3c3f06c
b65d4e739a96948e44d42ea43453f3bb2cbbabdc59f0c053fa42d36bca7f345f
b6e4dff920e21e3f436a014140d01d43c97177e007556ede69f772f08cb7a7ec
bd10e0814d028f40f72a03ff14bd45935f6f4927aa43deadf95016d7d0baeb5d
be17dafcda80034da42aed014dab740f471a837d939058473e9d72394c541455
bec5a1d1475fce5ac5ac2af78d6a3c285f88034f7f56a83570c8fdd6d8c162fb
bf1e690b97fd97ddea7a60ef92058c356b1987ea28d6d9c9b397012ab712a297
bf3b52f874aebd7cfc4c49cc840977ec1fa179df6026c7cbb23794a3ccbde172
c9d18e30d3bf47a44c7a09b18bfb60ed8bb519f62f33d7501eb7d365f2a09d0c
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981
d38282ac0c1816553a3a1c9b74f00bcf0b60aad1b473bc58b1403c67ba5c8048
d3a2b63d63e5bd8b60b9370bcb292d2f6e76a10f6f3e5d0284db3c8074a847ef
d43dd4a38df6a80e592b8b349c51f1f9fa718e9f91da755b98e7acc19ce86aeb
d4fc8c1e4e27a926227938fbf2af0085a5b76ac56ff695b1208005a34b0ddbc9
d503937452e40c21fce10346b29287ad23b221a372547f248da87ca5efb55767
d68aeef2cc5d1b7ac7adf3dcba64ea7d90950c5805cf3626f6a66e1f7e30b238
d982c4fff78c63ed84481eb36845e3b9e2753bfe996a3ba45835f75c6af1dc55
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
de31bce51f49c0fffa7d7dfbb664955b6d2ace47949b91746cceaeab3716e1bd
e00add38134eac2fb8e8e9c09cbfff7bbe57952b210322eb2eecb0a21fc055eb
e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e794207b2db3baaa427ab4ef9c2a7a4bedce491a6d0edf11f3dbe91fdfea2536
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
e8090651b52c256938df2fb0582f24521fe0476939aab81d01b7f31a7ac75beb
e84a340caf47fb7f52d6d4eef3db512e84c911268acf1c5eb66b44887f343457
e9032b8e95fc74d9ce9c069e76ffe86cb4046dc6ae863ffa8410cf445e5feaf3
ea2ababc30e456846310dfe02ae49db7fe6866c0cb5ad6b432c53bacda37b3c1
eb17860e7130937384b4fb3300a595529da9853a83750312e7952a73383ca560
eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efd5ad608d8f3603b3eb9ca9f2c65ed45d7ca18acd0296fe5fc24b150eb4c4e9
f38f91caae9d8ce4142ac627dba2f52d3cc848d13665f63221b3a55c56457635
f4a5ce65131fdd1239c1895342de01c49d4ad1a510c1af585dbfff0e31ee6c5e
f4f995c64f12a82b435dcfbafb061c05127a751eb5051460c82456de151a4ee4
f5010764339d94d1fa6a5cc219dd0ab07cfca326a11e866768b80d6081773950
f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f998579bfbc306016eb433ccbec58c36d5e7bbc8deca4c6ceb52d875c23d75d5
ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869

sham-store.shop Open in urlscan Pro 2a02:4780:b:852:0:ced:64b8:10 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

247 Requests

91 %HTTPS

61 %IPv6

39 Domains

58 Subdomains

45 IPs

10 Countries

4610 kBTransfer

8121 kBSize

29 Cookies

9 Outgoing links

Redirected requests

247 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

sham-store.shop Open in urlscan Pro
2a02:4780:b:852:0:ced:64b8:10 Public Scan

Screenshot
Live screenshot

Full Image

247
Requests

91 %
HTTPS

61 %
IPv6

39
Domains

58
Subdomains

45
IPs

10
Countries

4610 kB
Transfer

8121 kB
Size

29
Cookies

247 HTTP transactions
6 data transactions